X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/7b172efeb62dca337e356dab0d14c69ec51216b7..2cbcabb3f6992904903a72dfbcef624bd391a314:/app/views/message/new.rhtml

diff --git a/app/views/message/new.rhtml b/app/views/message/new.rhtml
index 883fdfbc0..27c501322 100644
--- a/app/views/message/new.rhtml
+++ b/app/views/message/new.rhtml
@@ -3,7 +3,7 @@
 <h2>Send a new message to <%= display_name %></h2>
 
 <% if params[:display_name] %>
-<p>Writing a new message to <%= params[:display_name] %></p>  
+<p>Writing a new message to <%= h(params[:display_name]) %></p>  
 <p>TODO: drop down box of your friends</p>
 <%end%>