diff options
| author | Andy Staudacher <andy.st@gmail.com> | 2009-08-31 21:51:57 -0700 |
|---|---|---|
| committer | Andy Staudacher <andy.st@gmail.com> | 2009-08-31 21:51:57 -0700 |
| commit | 2bc73e2e36fefc3c1ee1b8e97e686c6729e58dcb (patch) | |
| tree | c511db2684ea957572a1d27caf49a08963ef8484 /modules/gallery/views/after_install_loader.html.php | |
| parent | 8c3a2db3803ccaa3572f0bf061ca7faf62f13fca (diff) | |
Fix XSS vectors in HTML attributes (mostly t() calls)
Diffstat (limited to 'modules/gallery/views/after_install_loader.html.php')
| -rw-r--r-- | modules/gallery/views/after_install_loader.html.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/gallery/views/after_install_loader.html.php b/modules/gallery/views/after_install_loader.html.php index 54484963..c2e3e1d9 100644 --- a/modules/gallery/views/after_install_loader.html.php +++ b/modules/gallery/views/after_install_loader.html.php @@ -1,6 +1,6 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> <span id="gAfterInstall" - title="<?= t("Welcome to Gallery 3") ?>" + title="<?= t("Welcome to Gallery 3")->for_html_attr() ?>" href="<?= url::site("after_install") ?>"/> <script type="text/javascript"> $(document).ready(function(){$("#gAfterInstall").gallery_dialog({immediate: true});}); |