From 5683190d8d0d040117ec300d306655361408734a Mon Sep 17 00:00:00 2001
From: Moritz Bunkus <m.bunkus@linet-services.de>
Date: Fri, 26 Sep 2008 08:28:48 +0000
Subject: [PATCH] Attribut "name" HTML-escapen.

---
 templates/webpages/ct/form_header_de.html     | 2 +-
 templates/webpages/ct/form_header_master.html | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/templates/webpages/ct/form_header_de.html b/templates/webpages/ct/form_header_de.html
index 6102f1273..f93de8ca7 100644
--- a/templates/webpages/ct/form_header_de.html
+++ b/templates/webpages/ct/form_header_de.html
@@ -47,7 +47,7 @@
 
      <tr>
       <th align="right" nowrap>Firmenname</th>
-      <td><input name="name" size="35" maxlength="75" value="[% name %]"></td>
+      <td><input name="name" size="35" maxlength="75" value="[% HTML.escape(name) %]"></td>
      </tr>
 
      <tr>
diff --git a/templates/webpages/ct/form_header_master.html b/templates/webpages/ct/form_header_master.html
index 9c81380e1..ef278a3d5 100644
--- a/templates/webpages/ct/form_header_master.html
+++ b/templates/webpages/ct/form_header_master.html
@@ -47,7 +47,7 @@
 
      <tr>
       <th align="right" nowrap><translate>Company Name</translate></th>
-      <td><input name="name" size="35" maxlength="75" value="[% name %]"></td>
+      <td><input name="name" size="35" maxlength="75" value="[% HTML.escape(name) %]"></td>
      </tr>
 
      <tr>
-- 
2.20.1