Escape emitted template option HTML.

2013-02-07 16:29:39 +01:00 · 2013-02-07 16:29:39 +01:00 · ce09949de9
commit ce09949de9
parent 3a20602939
1 changed files with 1 additions and 1 deletions
--- a/templates/2k11/index.tpl
+++ b/templates/2k11/index.tpl
@ -59,7 +59,7 @@
        </form>
        {serendipity_hookPlugin hook="quicksearch_plugin" hookAll="true"}
        {if $template_option.header_img}
-        <img src="{$template_option.header_img}" alt="">
+        <img src="{$template_option.header_img|@escape:"html"}" alt="">
        {/if}
    </header>
    {if $template_option.use_corenav}