LP#1822630: further sanitizing of CGI params when embedded in HTML
[working/Evergreen.git] / Open-ILS / src / templates / opac / parts / header.tt2
index 76b2314..5f397c3 100644 (file)
@@ -19,7 +19,7 @@
     # parts/searchbar.tt2, and results.tt2.
     show_detail_view = 0;
     IF CGI.param("detail_record_view").defined;
-        show_detail_view = CGI.param("detail_record_view");
+        show_detail_view = CGI.param("detail_record_view") | html;
     ELSIF show_more_details.default == "true" OR
           show_more_details.default == "hide";
         show_detail_view = 1;