Mercurial Mercurial > pub > hg > cubicweb / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
web/formwidgets.py
changeset 10901 ddeac3ecdd88
parent 10783 02cc22d7d339
child 10902 41bd01ebebb4 
--- a/web/formwidgets.py	Fri Nov 20 14:17:46 2015 +0100
+++ b/web/formwidgets.py	Fri Oct 16 10:36:34 2015 +0200
@@ -618,7 +618,7 @@
                 iattrs['checked'] = u'checked'
             tag = tags.input(name=field.input_name(form, self.suffix),
                              type=self.type, value=value, **iattrs)
-            options.append(u'%s %s' % (tag, label))
+            options.append(u'%s %s' % (tag, xml_escape(label)))
         return sep.join(options)
cubicweb