From aa81d94cdf7f109d2407f641bf47545a8d261c62 Mon Sep 17 00:00:00 2001
From: mattab <matthieu.aubry@gmail.com>
Date: Fri, 29 Nov 2013 01:09:15 +1300
Subject: [PATCH] Escape iframe code when displaying in admin ui

---
 plugins/CoreAdminHome/templates/generalSettings.twig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/CoreAdminHome/templates/generalSettings.twig b/plugins/CoreAdminHome/templates/generalSettings.twig
index 04bbf7b698..6980863638 100644
--- a/plugins/CoreAdminHome/templates/generalSettings.twig
+++ b/plugins/CoreAdminHome/templates/generalSettings.twig
@@ -257,7 +257,7 @@
     {% set iframeOptOut %}
         <iframe style="border: 0; height: 200px; width: 600px;" src="{{ optOutUrl }}"></iframe>
     {% endset %}
-    <code>{{ iframeOptOut }}</code>
+    <code>{{ iframeOptOut|escape }}</code>
     <br/>
     {{ 'CoreAdminHome_OptOutExplanationBis'|translate("<a href='" ~ optOutUrl ~ "' target='_blank'>","</a>")|raw }}
 </p>
-- 
GitLab