From b8895861ffc5acc3595dc4a426221e04dd887cd1 Mon Sep 17 00:00:00 2001
From: j2blake <jeb228@cornell.edu>
Date: Tue, 16 Sep 2014 13:19:10 -0400
Subject: [PATCH] VIVO-861 Guard against Cross-Site Scripting attacks in the
 page title and in the body classes.

---
 themes/wilma/templates/head.ftl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/themes/wilma/templates/head.ftl b/themes/wilma/templates/head.ftl
index 26afe8b3..e28436dd 100644
--- a/themes/wilma/templates/head.ftl
+++ b/themes/wilma/templates/head.ftl
@@ -4,7 +4,7 @@
 <!-- Google Chrome Frame open source plug-in brings Google Chrome's open web technologies and speedy JavaScript engine to Internet Explorer-->
 <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
 
-<title>${title!siteName!}</title>
+<title>${(title?html)!siteName!}</title>
 
 <#-- VIVO OpenSocial Extension by UCSF -->
 <#if openSocial??>