From 72a3e69b5f4adafea8905e60213371ab1b2fc019 Mon Sep 17 00:00:00 2001
From: Ted Trask <ttrask01@yahoo.com>
Date: Thu, 15 Jan 2009 21:44:39 +0000
Subject: Modified html.lua and viewlibrary.lua and all html files to
 html_escape variables before displaying them.

git-svn-id: svn://svn.alpinelinux.org/acf/ipsec-tools/trunk@1678 ab2d0c66-481e-0410-8bed-d214d4d58bed
---
 ipsectools-uploadcert-html.lsp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ipsectools-uploadcert-html.lsp')

diff --git a/ipsectools-uploadcert-html.lsp b/ipsectools-uploadcert-html.lsp
index a3e88ba..02ed7a0 100644
--- a/ipsectools-uploadcert-html.lsp
+++ b/ipsectools-uploadcert-html.lsp
@@ -5,7 +5,7 @@
 io.write(html.cfe_unpack(form))
 --]] %>
 
-<H1><%= form.label %></H1>
+<H1><%= html.html_escape(form.label) %></H1>
 <%
 	-- This is a kludge to get file upload working
 	form.action = page_info.script .. page_info.prefix .. page_info.controller .. "/" .. page_info.action .. '" enctype="multipart/form-data'
-- 
cgit v1.2.3