XSS fix (thanks to Nico Suhl)

author: Benjamin Kellermann <Benjamin.Kellermann@gmx.de> 2012-10-05 21:20:53 +0200
committer: Benjamin Kellermann <Benjamin.Kellermann@gmx.de> 2012-10-05 21:20:53 +0200
commit: 92dbee9efc93a30baa4a17cf2f96e5cb5daa05b3 (patch)
tree: d05b05791bbb037fffe07085c87676b80fe912cc /timestring.rb
parent: f6075ce7308338b65619afea2ebbd8e8e515021c (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/timestring.rb b/timestring.rb
index 387aba3..f61e631 100644
--- a/timestring.rb
+++ b/timestring.rb
@@ -73,7 +73,7 @@ class TimeString
 		if @time
 			"#{@date} #{time_to_s}"
 		else
-			@date.to_s
+			CGI.escapeHTML(@date.to_s)
 		end
 	end
 	def inspect
author	Benjamin Kellermann <Benjamin.Kellermann@gmx.de>	2012-10-05 21:20:53 +0200
committer	Benjamin Kellermann <Benjamin.Kellermann@gmx.de>	2012-10-05 21:20:53 +0200
commit	92dbee9efc93a30baa4a17cf2f96e5cb5daa05b3 (patch)
tree	d05b05791bbb037fffe07085c87676b80fe912cc /timestring.rb
parent	f6075ce7308338b65619afea2ebbd8e8e515021c (diff)