From d19de49606d45046f9d7755b180e5850bceccd19 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Schie=C3=9Fle?= <schiessle@owncloud.com>
Date: Tue, 29 Jan 2013 22:32:59 +0100
Subject: [PATCH] prevent xss

---
 core/templates/layout.user.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/templates/layout.user.php b/core/templates/layout.user.php
index fb63200123..3337449a6c 100644
--- a/core/templates/layout.user.php
+++ b/core/templates/layout.user.php
@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html>
 	<head>
-		<title><?php echo isset($_['application']) && !empty($_['application'])?$_['application'].' | ':'' ?>ownCloud <?php echo OC_User::getDisplayName()?' ('.OC_User::getDisplayName().') ':'' ?></title>
+		<title><?php echo isset($_['application']) && !empty($_['application'])?$_['application'].' | ':'' ?>ownCloud <?php echo OC_User::getDisplayName()?' ('.OC_Util::sanitizeHTML(OC_User::getDisplayName()).') ':'' ?></title>
 		<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
 		<link rel="shortcut icon" href="<?php echo image_path('', 'favicon.png'); ?>" /><link rel="apple-touch-icon-precomposed" href="<?php echo image_path('', 'favicon-touch.png'); ?>" />
 		<?php foreach($_['cssfiles'] as $cssfile): ?>