changelog | [dw-free] http://bugs.dwscoalition.org/show

[commit: http://hg.dwscoalition.org/dw-free/rev/d3f0f161fbb2]

http://bugs.dwscoalition.org/show_bug.cgi?id=3331

Escape the filter name when it's printed, just to be safe.

Patch by

kareila.

Files modified:

cgi-bin/DW/Widget/ReadingList.pm

--------------------------------------------------------------------------------
diff -r 8217d6186bde -r d3f0f161fbb2 cgi-bin/DW/Widget/ReadingList.pm
--- a/cgi-bin/DW/Widget/ReadingList.pm	Tue Jan 04 10:39:58 2011 +0800
+++ b/cgi-bin/DW/Widget/ReadingList.pm	Tue Jan 04 10:40:47 2011 +0800
@@ -42,7 +42,7 @@ sub render_body {
         $ret .= $class->ml( 'widget.readinglist.filters.title' );
         $ret .= "<ul>";
         foreach my $filter ( @filters ) {
-            $ret .= "<li><a href='" . $remote->journal_base . "/read/" . LJ::eurl( $filter->name ) . "'>" . $filter->name . "</a></li>\n";
+            $ret .= "<li><a href='" . $remote->journal_base . "/read/" . LJ::eurl( $filter->name ) . "'>" . LJ::ehtml( $filter->name ) . "</a></li>\n";
         }
         $ret .= "</ul>";
     } else {
--------------------------------------------------------------------------------

[dw-free] http://bugs.dwscoalition.org/show_bug.cgi?id=3331