Commit 59351c5b authored by Matthieu Muffato's avatar Matthieu Muffato
Browse files

Analysis parameters should be HTML-escaped

parent 3cbe8e25
......@@ -65,8 +65,8 @@
</span></td>
<td class="td-input-value"><input class="input-value" id="<TMPL_VAR NAME=parameterValueID>"
type="text"
data-value="<TMPL_VAR NAME=value>"
value="<TMPL_VAR NAME=value>">
data-value="<TMPL_VAR NAME=value ESCAPE=HTML>"
value="<TMPL_VAR NAME=value ESCAPE=HTML>">
</td>
<TMPL_LOOP NAME=change_parameter>
<td class="button-cell"><a class="update_param btn btn-mini"
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment