From fb8f3a7ada2b5e47f213356c6bf17d89caaa9c1f 2011-08-02 12:52:36
From: Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
Date: 2011-08-02 12:52:36
Subject: [PATCH] HTML escape at app/helpers/timelog_helper.rb.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6356 e93f8b46-1217-0410-a6f0-8f06a7374b81

---

diff --git a/app/helpers/timelog_helper.rb b/app/helpers/timelog_helper.rb
index d314a96..df3cf79 100644
--- a/app/helpers/timelog_helper.rb
+++ b/app/helpers/timelog_helper.rb
@@ -129,7 +129,7 @@ module TimelogHelper
     elsif k = @available_criterias[criteria][:klass]
       obj = k.find_by_id(value.to_i)
       if obj.is_a?(Issue)
-        obj.visible? ? "#{obj.tracker} ##{obj.id}: #{obj.subject}" : "##{obj.id}"
+        obj.visible? ? h("#{obj.tracker} ##{obj.id}: #{obj.subject}") : h("##{obj.id}")
       else
         obj
       end