Fixed that TextHelper#text_field would corrypt when raw HTML was used as the value (mchenryc, Kevin Glowacz) [#80 state:resolved]

author: David Heinemeier Hansson <david@loudthinking.com> 2008-05-01 17:56:32 -0500
committer: David Heinemeier Hansson <david@loudthinking.com> 2008-05-01 17:56:32 -0500
commit: f6ec296ad84ac7e321980cfdd8bba2ea6ce3a14b (patch)
tree: b6478394f9ac4e475892130cf3e128dfd48b82bb /actionpack/lib
parent: 12288a034120e8b1f90fcd4ae5881a858fd1425e (diff)
download: rails-f6ec296ad84ac7e321980cfdd8bba2ea6ce3a14b.tar.gz
rails-f6ec296ad84ac7e321980cfdd8bba2ea6ce3a14b.tar.bz2
rails-f6ec296ad84ac7e321980cfdd8bba2ea6ce3a14b.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/actionpack/lib/action_view/helpers/form_helper.rb b/actionpack/lib/action_view/helpers/form_helper.rb
index 4459ccbce5..65f4fb6e45 100644
--- a/actionpack/lib/action_view/helpers/form_helper.rb
+++ b/actionpack/lib/action_view/helpers/form_helper.rb
@@ -486,6 +486,7 @@ module ActionView
         end
         options["type"] = field_type
         options["value"] ||= value_before_type_cast(object) unless field_type == "file"
+        options["value"] &&= html_escape(options["value"])
         add_default_name_and_id(options)
         tag("input", options)
       end
author	David Heinemeier Hansson <david@loudthinking.com>	2008-05-01 17:56:32 -0500
committer	David Heinemeier Hansson <david@loudthinking.com>	2008-05-01 17:56:32 -0500
commit	f6ec296ad84ac7e321980cfdd8bba2ea6ce3a14b (patch)
tree	b6478394f9ac4e475892130cf3e128dfd48b82bb /actionpack/lib
parent	12288a034120e8b1f90fcd4ae5881a858fd1425e (diff)
download	rails-f6ec296ad84ac7e321980cfdd8bba2ea6ce3a14b.tar.gz rails-f6ec296ad84ac7e321980cfdd8bba2ea6ce3a14b.tar.bz2 rails-f6ec296ad84ac7e321980cfdd8bba2ea6ce3a14b.zip