xss

author Ivan Kohler <ivan@freeside.biz>

Fri, 5 Feb 2016 12:46:51 +0000 (04:46 -0800)

committer Ivan Kohler <ivan@freeside.biz>

Fri, 5 Feb 2016 12:46:51 +0000 (04:46 -0800)
author Ivan Kohler <ivan@freeside.biz>
Fri, 5 Feb 2016 12:46:51 +0000 (04:46 -0800)
committer Ivan Kohler <ivan@freeside.biz>
Fri, 5 Feb 2016 12:46:51 +0000 (04:46 -0800)
diff --git a/httemplate/misc/confirm-address_standardize.html b/httemplate/misc/confirm-address_standardize.html

index 0a05c70..9d1a5c1 100644 (file)
--- a/httemplate/misc/confirm-address_standardize.html
+++ b/httemplate/misc/confirm-address_standardize.html
@@ -34,18 +34,18 @@ Confirm address standardization
    </TR>
    <TR>
  %     if ( $old{$pre.'company'} ) {
-    <TD><% $old{$pre.'company'} %></TD>
+    <TD><% $old{$pre.'company'} |h %></TD>
  %     }
    </TR>
    <TR>
-    <TD><% $old{$pre.'address1'} %></TD>
+    <TD><% $old{$pre.'address1'} |h %></TD>
      <TD ROWSPAN=3><FONT COLOR="#ff0000"><B><% $new{$pre.'error'} %></B></FONT></TD>
    </TR>
    <TR>
-    <TD><% $old{$pre.'address2'} %></TD>
+    <TD><% $old{$pre.'address2'} |h %></TD>
    </TR>
    <TR>
-    <TD><% $old{$pre.'city'} %>, <% $old{$pre.'state'} %>  <% $old{$pre.'zip'} %></TD>
+    <TD><% $old{$pre.'city'} |h %>, <% $old{$pre.'state'} |h %>  <% $old{$pre.'zip'} |h %></TD>
    </TR>
  %   } else { # not an error
  %     $rows++ if !$new{$pre.'addr_clean'};
@@ -68,21 +68,21 @@ Confirm address standardization
    <TR>
  %     if ( $old{$pre.'company'} ) {
    <TR>
-    <TD><% $old{$pre.'company'} %></TD>
-    <TD><% $new{$pre.'company'} %></TD>
+    <TD><% $old{$pre.'company'} |h %></TD>
+    <TD><% $new{$pre.'company'} |h %></TD>
    </TR>
  %     }
    <TR>
-    <TD><% $old{$pre.'address1'} %></TD>
-    <TD><% $new{$pre.'address1'} %></TD>
+    <TD><% $old{$pre.'address1'} |h %></TD>
+    <TD><% $new{$pre.'address1'} |h %></TD>
    </TR>
    <TR>
-    <TD><% $old{$pre.'address2'} %></TD>
-    <TD><% $new{$pre.'address2'} %></TD>
+    <TD><% $old{$pre.'address2'} |h %></TD>
+    <TD><% $new{$pre.'address2'} |h %></TD>
    </TR>
    <TR>
-    <TD><% $old{$pre.'city'} %>, <% $old{$pre.'state'} %>  <% $old{$pre.'zip'} %></TD>
-    <TD><% $new{$pre.'city'} %>, <% $new{$pre.'state'} %>  <% $new{$pre.'zip'} %></TD>
+    <TD><% $old{$pre.'city'} |h %>, <% $old{$pre.'state'} |h %>  <% $old{$pre.'zip'} |h %></TD>
+    <TD><% $new{$pre.'city'} |h %>, <% $new{$pre.'state'} |h %>  <% $new{$pre.'zip'} |h %></TD>
    </TR>
  
  %   } # if error
diff --git a/httemplate/misc/confirm-censustract.html b/httemplate/misc/confirm-censustract.html

index 024bc17..10ae918 100644 (file)
--- a/httemplate/misc/confirm-censustract.html
+++ b/httemplate/misc/confirm-censustract.html
@@ -13,8 +13,8 @@ Census tract error
  Confirm census tract
  % }
  </B><BR>
-<% $location{address1} %> <% $location{address2} %><BR>
-<% $location{city} %>, <% $location{state} %> <% $location{zip} %><BR>
+<% $location{address1} |h %> <% $location{address2} |h %><BR>
+<% $location{city} |h %>, <% $location{state} |h %> <% $location{zip} |h %><BR>
  <BR>
  % my $querystring = "census_year=$year&latitude=".$cache->get('latitude').'&longitude='.$cache->get('longitude');
  <A HREF="http://maps.ffiec.gov/FFIECMapper/TGMapSrv.aspx?<% $querystring %>"
author	Ivan Kohler <ivan@freeside.biz>
	Fri, 5 Feb 2016 12:46:51 +0000 (04:46 -0800)
committer	Ivan Kohler <ivan@freeside.biz>
	Fri, 5 Feb 2016 12:46:51 +0000 (04:46 -0800)
httemplate/misc/confirm-address_standardize.html		patch \| blob \| history
httemplate/misc/confirm-censustract.html		patch \| blob \| history