X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/1f007b289c0597a098166c9327edca7d990c9e4e..5d07b6d76c9488334608d3db57c5bc79bb6d177d:/app/views/site/edit.html.erb?ds=inline diff --git a/app/views/site/edit.html.erb b/app/views/site/edit.html.erb index 79b1f64af..b29c0f200 100644 --- a/app/views/site/edit.html.erb +++ b/app/views/site/edit.html.erb @@ -65,7 +65,7 @@ zoom='14' if zoom.nil? window.onbeforeunload=function() { if (!changesaved) { - return "<%= t 'site.edit.potlatch_unsaved_changes' %>"; + return '<%= escape_javascript(t('site.edit.potlatch_unsaved_changes')) %>'; } } @@ -78,9 +78,10 @@ zoom='14' if zoom.nil? fo.addVariable('token','<%= session[:token] %>'); if (lat) { fo.addVariable('lat',lat); } if (lon) { fo.addVariable('long',lon); } - <% if params['gpx'] %>fo.addVariable('gpx' ,'<%= h(params['gpx'] ) %>');<% end %> - <% if params['way'] %>fo.addVariable('way' ,'<%= h(params['way'] ) %>');<% end %> - <% if params['node'] %>fo.addVariable('node','<%= h(params['node']) %>');<% end %> + <% if params['gpx'] %>fo.addVariable('gpx' ,'<%= h(params['gpx'] ) %>');<% end %> + <% if params['way'] %>fo.addVariable('way' ,'<%= h(params['way'] ) %>');<% end %> + <% if params['node'] %>fo.addVariable('node' ,'<%= h(params['node'] ) %>');<% end %> + <% if params['tileurl'] %>fo.addVariable('custombg','<%= h(params['tileurl']) %>');<% end %> fo.write("map"); }