HTML-escaping of error and info messages

2005-05-09 04:31:02 +00:00 · 2005-05-09 04:31:02 +00:00 · 7be6cbecba
commit 7be6cbecba
parent 757e58b94f
3 changed files with 19 additions and 4 deletions
--- a/app/controllers/wiki_controller.rb
+++ b/app/controllers/wiki_controller.rb
@ -205,9 +205,9 @@ class WikiController < ApplicationController
      # the application itself (for application errors, it's better not to rescue the error at all)
      rescue => e
        logger.error e
+        flash[:error] = e.message
        if in_a_web?
-          redirect_to :web => @web_name, :action => 'edit',
-              :action_suffix => "#{@page_name}?msg=#{e.message}"
+          redirect_to :web => @web_name, :action => 'edit', :id => @page_name
        else
          raise e
        end