diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2012-11-11 22:18:55 -0800 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2012-11-11 22:18:55 -0800 |
| commit | 4abeb53ac1ba98d441dab810c859c025e7307809 (patch) | |
| tree | e1c2c45c654f100e4278b0383adf86e7f7ae4dd0 /httemplate | |
| parent | 0ad00ab8a1ae4065a5817638b1ca89d5db6b3831 (diff) | |
fix XSS
Diffstat (limited to 'httemplate')
| -rw-r--r-- | httemplate/elements/location.html | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/httemplate/elements/location.html b/httemplate/elements/location.html index c606523f0..a0c5644e8 100644 --- a/httemplate/elements/location.html +++ b/httemplate/elements/location.html @@ -214,7 +214,7 @@ Example: <TR> <<%$th%> ALIGN="right">Tax district<BR>(automatic)</<%$th%>> <TD> - <INPUT TYPE="text" NAME="district" VALUE="<%$object->get('district')%>"> + <INPUT TYPE="text" NAME="district" VALUE="<% $object->get('district') |h %>"> </TD> </TR> % } |