From 2771ea43d428d61a4942e079b663f1c2ec90c983 Mon Sep 17 00:00:00 2001
From: Benjamin Kellermann <Benjamin.Kellermann@gmx.de>
Date: Thu, 28 Jan 2010 21:50:09 +0100
Subject: bugfix: errorstring may contain <> etc...

---
 error.cgi | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'error.cgi')

diff --git a/error.cgi b/error.cgi
index bd5cf1b..8032bf1 100755
--- a/error.cgi
+++ b/error.cgi
@@ -83,7 +83,7 @@ if (errorstr)
 	$h << <<ERROR
 <br/>
 Please include the following as well:
-<pre style='background:#DDD;padding : 1em'>#{errorstr}</pre>
+<pre style='background:#DDD;padding : 1em'>#{CGI.escapeHTML(errorstr)}</pre>
 ERROR
 end
 
-- 
cgit v1.2.3