diff options
| author | Andy Staudacher <andy.st@gmail.com> | 2009-08-31 21:51:57 -0700 |
|---|---|---|
| committer | Andy Staudacher <andy.st@gmail.com> | 2009-08-31 21:51:57 -0700 |
| commit | 2bc73e2e36fefc3c1ee1b8e97e686c6729e58dcb (patch) | |
| tree | c511db2684ea957572a1d27caf49a08963ef8484 /themes/admin_default/views | |
| parent | 8c3a2db3803ccaa3572f0bf061ca7faf62f13fca (diff) | |
Fix XSS vectors in HTML attributes (mostly t() calls)
Diffstat (limited to 'themes/admin_default/views')
| -rw-r--r-- | themes/admin_default/views/admin.html.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/themes/admin_default/views/admin.html.php b/themes/admin_default/views/admin.html.php index 3b1ff92c..c54fdcb5 100644 --- a/themes/admin_default/views/admin.html.php +++ b/themes/admin_default/views/admin.html.php @@ -48,7 +48,7 @@ <li class="first"><?= html::anchor("albums/1", "← ".t("Back to the Gallery")) ?></li> <li id="gLogoutLink"><a href="<?= url::site("logout?continue=albums/1&csrf=$csrf") ?>"><?= t("Logout") ?></a></li> </ul> - <a id="gLogo" href="<?= url::site("albums/1") ?>" title="<?= t("go back to the Gallery") ?>"> + <a id="gLogo" href="<?= url::site("albums/1") ?>" title="<?= t("go back to the Gallery")->for_html_attr() ?>"> ← <?= t("back to the ...") ?> </a> <div id="gSiteAdminMenu" style="display: none;"> |