LP#1757526: escape more catalog data (MFHD edition)
[working/Evergreen.git] / Open-ILS / src / templates / opac / parts / record / issues-mfhd.tt2
index ced0ec6..bd6bb97 100644 (file)
@@ -20,7 +20,7 @@
                 NEXT UNLESS serial.$type.size;
                 IF !printed_mfhd_header; %]
                 <tr>
-                    <td class="rdetail-mfhd-head" colspan="2">[% l('Holdings summary ([_1])', serial.location) %]</td>
+                    <td class="rdetail-mfhd-head" colspan="2">[% l('Holdings summary ([_1])', serial.location) | html %]</td>
                 </tr>
                 [% printed_mfhd_header = 1;
                 END; %]
@@ -28,7 +28,7 @@
                     <td class="rdetail-mfhd-type">[% mfhd.$type %]</td>
                     <td class="rdetail-mfhd-contents">[%
                         FOR thing IN serial.$type;
-                            thing.join(", ");
+                            thing.join(", ") | html;
                         END %]</td>
                 </tr>
             [% END;