X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/0c90905495a5d9fd40282456b4d4098da6adda48..801f02fdd95b056311d899e092b61be492b5cfd6:/app/views/site/index.rhtml diff --git a/app/views/site/index.rhtml b/app/views/site/index.rhtml index 98ab2ff1a..895885360 100644 --- a/app/views/site/index.rhtml +++ b/app/views/site/index.rhtml @@ -21,37 +21,37 @@ Licensed under the Creative Commons Attribution-Share Alike 2.0 license -by the OpenStreetMap project and it's contributors. +by the OpenStreetMap project and its contributors. <% if params['mlon'] and params['mlat'] %> <% marker = true %> -<% mlon = params['mlon'] %> -<% mlat = params['mlat'] %> +<% mlon = h(params['mlon']) %> +<% mlat = h(params['mlat']) %> <% end %> <% if params['minlon'] and params['minlat'] and params['maxlon'] and params['maxlat'] %> <% bbox = true %> -<% minlon = params['minlon'] %> -<% minlat = params['minlat'] %> -<% maxlon = params['maxlon'] %> -<% maxlat = params['maxlat'] %> +<% minlon = h(params['minlon']) %> +<% minlat = h(params['minlat']) %> +<% maxlon = h(params['maxlon']) %> +<% maxlat = h(params['maxlat']) %> <% end %> <% if params['lon'] and params['lat'] %> -<% lon = params['lon'] %> -<% lat = params['lat'] %> -<% zoom = params['zoom'] || '5' %> -<% layers = params['layers'] %> +<% lon = h(params['lon']) %> +<% lat = h(params['lat']) %> +<% zoom = h(params['zoom'] || '5') %> +<% layers = h(params['layers']) %> <% elsif params['mlon'] and params['mlat'] %> -<% lon = params['mlon'] %> -<% lat = params['mlat'] %> -<% zoom = params['zoom'] || '12' %> -<% layers = params['layers'] %> +<% lon = h(params['mlon']) %> +<% lat = h(params['mlat']) %> +<% zoom = h(params['zoom'] || '12') %> +<% layers = h(params['layers']) %> <% elsif cookies.key?("location") %> -<% lon,lat,zoom,layers = cookies["location"].value.first.split(",") %> +<% lon,lat,zoom,layers = cookies["location"].split(",") %> <% elsif @user and !@user.home_lon.nil? and !@user.home_lat.nil? %> <% lon = @user.home_lon %> <% lat = @user.home_lat %> @@ -67,39 +67,38 @@ by the OpenStreetMap project and it's contributors. <% else %> <% lon = '-0.1' %> <% lat = '51.5' %> -<% zoom = params['zoom'] || '5' %> -<% layers = params['layers'] %> +<% zoom = h(params['zoom'] || '5') %> +<% layers = h(params['layers']) %> <% end %> <% end %> - +<%= javascript_include_tag '/openlayers/OpenLayers.js' %> +<%= javascript_include_tag '/openlayers/OpenStreetMap.js' %> <%= javascript_include_tag 'map.js' %> -