X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/a8333a38a2c9abf3304d61b20c5215d75fdd5795..c38c7df6c14b3bba64f7dc105168c4a1a0099cce:/app/views/user/account.rhtml

diff --git a/app/views/user/account.rhtml b/app/views/user/account.rhtml
index b25cb0071..c5312686a 100644
--- a/app/views/user/account.rhtml
+++ b/app/views/user/account.rhtml
@@ -34,9 +34,9 @@
 </script>
 
 <% if @user.home_lat.nil? or @user.home_lon.nil? %>
-  <% lon =  params['lon'] || '-0.1' %>
-  <% lat =  params['lat'] || '51.5' %>
-  <% zoom =  params['zoom'] || '4' %> 
+  <% lon = h(params['lon'] || '-0.1') %>
+  <% lat = h(params['lat'] || '51.5') %>
+  <% zoom = h(params['zoom'] || '4') %> 
 <% else %>
   <% marker = true %>
   <% mlon = @user.home_lon %> 
@@ -46,7 +46,8 @@
   <% zoom =  '12' %>
 <% end %>
 
-<script type="text/javascript" src="/openlayers/OpenLayers.js"></script>
+<%= javascript_include_tag '/openlayers/OpenLayers.js' %>
+<%= javascript_include_tag '/openlayers/OpenStreetMap.js' %>
 <%= javascript_include_tag 'map.js' %>
 
 <script type="text/javascript">