From: Ivan Kohler
Date: Sat, 8 Jun 2013 06:41:52 +0000 (-0700)
Subject: fix XSS
X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=commitdiff_plain;h=0f21021fea8f99d28b4507c3cffa55cbdd6f110d
fix XSS
---
diff --git a/httemplate/elements/search-cust_main.html b/httemplate/elements/search-cust_main.html
index e8c645eca..ba6a479a6 100644
--- a/httemplate/elements/search-cust_main.html
+++ b/httemplate/elements/search-cust_main.html
@@ -19,7 +19,7 @@ Example:
 NAME = "<% $field %>_search"
 ID = "<% $field %>_search"
 SIZE = "32"
- VALUE="<% $cust_main ? $cust_main->name : '(cust #, name or company)' %>"
+ VALUE="<% $cust_main ? $cust_main->name : '(cust #, name or company)' |h %>"
 onFocus="clearhint_<% $field %>_search(this);"
 onClick="clearhint_<% $field %>_search(this);"
 onChange="smart_<% $field %>_search(this);"
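Review bot: `$field` is still emitted without an escape flag in the NAME and ID attributes and inside the onFocus/onClick/onChange handler names in this hunk, so the fix covers only the VALUE attribute. Whether `$field` can ever carry request-derived data is not visible here, but the two attribute uses can take the same flag cheaply: `NAME = "<% $field |h %>_search"` and `ID = "<% $field |h %>_search"`. For the handler attributes HTML escaping is not sufficient, because the value becomes part of a JavaScript identifier; the component should instead reject any `$field` that does not match something like `/^\w+$/` before rendering. The component starts and ends outside the hunk, so the argument declaration for `$field` could not be checked.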