]> git.openstreetmap.org Git - rails.git/blobdiff - app/views/browse/_common_details.html.erb
* use h() on username to avoid XSS
[rails.git] / app / views / browse / _common_details.html.erb
index 179b22f60813add46ec6a752d627e7bc404b46e9..0c486e0a716c789d94116e44282d52689d7294f0 100644 (file)
   <td><%= link_to common_details.changeset_id, :action => :changeset, :id => common_details.changeset_id %></td>
 </tr>
 
+<% if common_details.changeset.tags['comment'] %>
+  <tr>
+    <th><%= t 'browse.common_details.changeset_comment' %></th>
+    <td><%= auto_link(h(common_details.changeset.tags['comment'])) %></td>
+  </tr>
+<% end %>
+
 <%= render :partial => "tag_details", :object => common_details %>