Rails 2? If so, those interpolated values would need to be h()'d
On Wed, Apr 10, 2013 at 4:06 PM, Matthew Brookes <m...@brookes.net> wrote: > Hi! > > I'm getting an XSS warning for this: > > <%= image_tag > "http://maps.google.com/maps/api/staticmap?size=610x450&sensor=false&zoom=15&markers=#{@location.latitude}%2C#{@location.longitude}"; > %> > > Is there something I need to do to improve my code, or is this an expected > false positive? > > Thanks! > Matt. > > > > > On 10 April 2013 18:09, Matthew Brookes <m...@brookes.net> wrote: >> >> >
