Commit 744028cf authored by Nigel McNie's avatar Nigel McNie
Browse files

Defense in depth - run some vars through |escape, although we know that...

Defense in depth - run some vars through |escape, although we know that currently they're safe vars.

Conflicts:

	htdocs/artefact/blog/theme/default/render/blogpost_renderfull.tpl
parent 16b99fb0
......@@ -11,12 +11,12 @@
{foreach from=$attachments item=item}
<tr class="r{cycle values=1,0}">
<td style="width: 22px;"><img src="{$item->iconpath|escape}" alt=""></td>
<td><a href="{$item->viewpath|escape}">{$item->title}</a> ({$item->size}) - <strong><a href="{$item->downloadpath|escape}">{str tag=Download section=artefact.file}</a></strong>
<td><a href="{$item->viewpath|escape}">{$item->title|escape}</a> ({$item->size|escape}) - <strong><a href="{$item->downloadpath|escape}">{str tag=Download section=artefact.file}</a></strong>
<br><strong>{$item->description|escape}</strong></td>
</tr>
{/foreach}
</tbody>
</table>
{/if}
<div class="postdetails">{$postedbyon}</div>
<div class="postdetails">{$postedbyon|escape}</div>
</div>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment