diff options
author | Cash Costello <cash.costello@gmail.com> | 2013-03-05 07:34:18 -0500 |
---|---|---|
committer | Cash Costello <cash.costello@gmail.com> | 2013-03-05 07:34:18 -0500 |
commit | 597c0a4e519e14ba42c77b518a44789e3a8067b0 (patch) | |
tree | 4c21e494088299fbe83106017cf2300d81a67046 /views/default/output/tags.php | |
parent | d149c0038d335133ed1628c105328b1e7a6681ea (diff) | |
download | elgg-597c0a4e519e14ba42c77b518a44789e3a8067b0.tar.gz elgg-597c0a4e519e14ba42c77b518a44789e3a8067b0.tar.bz2 |
Fixes #5165 handling html tags passed as tags
Diffstat (limited to 'views/default/output/tags.php')
-rw-r--r-- | views/default/output/tags.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/views/default/output/tags.php b/views/default/output/tags.php index 3082dd41e..41fd5f168 100644 --- a/views/default/output/tags.php +++ b/views/default/output/tags.php @@ -55,6 +55,7 @@ if (!empty($vars['tags'])) { $list_items = '<li>' . elgg_view_icon('tag', $icon_class) . '</li>'; foreach($vars['tags'] as $tag) { + $tag = htmlspecialchars($tag, ENT_QUOTES, 'UTF-8', false); if (!empty($vars['type'])) { $type = "&type={$vars['type']}"; } else { |