fix xss vuln

2018-05-22 14:47:00 -07:00
parent 4b790e163e
commit 0e7349ca48
2 changed files with 2 additions and 2 deletions
--- a/app/views/artists/_form.html.erb
+++ b/app/views/artists/_form.html.erb
@@ -16,7 +16,7 @@
  </div>
  <%= f.input :other_names_comma, :hint => "Separate with commas", :as => :text, :label => "Other names" %>
  <%= f.input :group_name %>
-  <%= f.input :url_string, :label => "URLs", :as => :text, :input_html => {:size => "50x5", :value => params.dig(:artist, :url_string) || @artist.url_array.join("\n")} %>
+  <%= f.input :url_string, :label => "URLs", :as => :text, :input_html => {:size => "50x5", :value => params.dig(:artist, :url_string) || @artist.urls.join("\n")} %>

  <%= dtext_field "artist", "notes" %>
  <%= f.button :submit, "Submit" %>