Escape back_url field value (#2320)....
Jean-Philippe Lang -
r2123:29f364f63cbc
@@ -18,6 +18,7
18 require 'coderay'
18 require 'coderay'
19 require 'coderay/helpers/file_type'
19 require 'coderay/helpers/file_type'
20 require 'forwardable'
20 require 'forwardable'
21 require 'cgi'
21
22
22 module ApplicationHelper
23 module ApplicationHelper
23 include Redmine::WikiFormatting::Macros::Definitions
24 include Redmine::WikiFormatting::Macros::Definitions
@@ -525,7 +526,7 module ApplicationHelper
525
526
526 def back_url_hidden_field_tag
527 def back_url_hidden_field_tag
527 back_url = params[:back_url] || request.env['HTTP_REFERER']
528 back_url = params[:back_url] || request.env['HTTP_REFERER']
528 hidden_field_tag('back_url', back_url) unless back_url.blank?
529 hidden_field_tag('back_url', CGI.escape(back_url)) unless back_url.blank?
529 end
530 end
530
531
531 def check_all_links(form_name)
532 def check_all_links(form_name)
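Review bot: In `back_url_hidden_field_tag`, `CGI.escape(back_url)` URL-encodes a value that the line above may have just read from `params[:back_url]`, so a back_url carried through two consecutive forms would be encoded twice unless whatever consumes the field decodes it first. That consumer is not in this diff, so this is worth confirming. URL-encoding is also not a substitute for validating the value: it comes from a request parameter or the Referer header, and the code that later redirects to it should decode it with `CGI.unescape` and accept only relative or same-host targets. I would document the contract on the helper, for example `# Emits back_url URL-encoded; readers must CGI.unescape it and check the host before redirecting`.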