projects
/
project/views.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
(parent:
6d5651e
)
#1134074 by dereine: Sanitize the prefix only with xss not check_plain
author
Daniel Wehner
Wed, 8 Jun 2011 21:56:16 +0000 (23:56 +0200)
committer
Daniel Wehner
Wed, 8 Jun 2011 21:56:16 +0000 (23:56 +0200)
handlers/views_handler_field_numeric.inc
patch
|
blob
|
blame
|
history
diff --git
a/handlers/views_handler_field_numeric.inc
b/handlers/views_handler_field_numeric.inc
index
61bc9ca
..
791747d
100644
(file)
--- a/
handlers/views_handler_field_numeric.inc
+++ b/
handlers/views_handler_field_numeric.inc
@@
-120,6
+120,6
@@
class views_handler_field_numeric extends views_handler_field {
$value = format_plural($value, $this->options['format_plural_singular'], $this->options['format_plural_plural']);
}
- return check_plain($this->options['prefix'] . $value . $this->options['suffix']);
+ return filter_xss($this->options['prefix']) . check_plain($value) . filter_xss($this->options['suffix']);
}
}
projects / project/views.git / commitdiff