Project

General

Profile

0001-fixes-6149-fixed-XSS-in-host-YAML-view.patch

Lukas Zapletal, 06/11/2014 02:16 PM

View differences:

app/controllers/hosts_controller.rb
175 175

  
176 176
    begin
177 177
      respond_to do |format|
178
        format.html { render :text => "<pre>#{@host.info.to_yaml}</pre>" }
178
        format.html { render :text => "<pre>#{ERB::Util.html_escape(@host.info.to_yaml)}</pre>" }
179 179
        format.yml { render :text => @host.info.to_yaml }
180 180
      end
181 181
    rescue
182
-