Escape person.name in comment
This commit is contained in:
Dorian
parent
3e9cce2a4b
commit
d6e72cd2bb
1 changed files with 1 additions and 1 deletions
|
|
@ -129,7 +129,7 @@ module ApplicationHelper
|
|||
|
||||
def person_link(person)
|
||||
"<a href='/people/#{person.id}'>
|
||||
#{person.name}
|
||||
#{h(person.name)}
|
||||
</a>".html_safe
|
||||
end
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue