| Index: chrome/browser/ssl/ssl_error_info.cc
|
| ===================================================================
|
| --- chrome/browser/ssl/ssl_error_info.cc (revision 151708)
|
| +++ chrome/browser/ssl/ssl_error_info.cc (working copy)
|
| @@ -12,6 +12,7 @@
|
| #include "grit/chromium_strings.h"
|
| #include "grit/generated_resources.h"
|
| #include "net/base/cert_status_flags.h"
|
| +#include "net/base/escape.h"
|
| #include "net/base/net_errors.h"
|
| #include "net/base/ssl_info.h"
|
| #include "ui/base/l10n/l10n_util.h"
|
| @@ -55,7 +56,8 @@
|
| details =
|
| l10n_util::GetStringFUTF16(IDS_CERT_ERROR_COMMON_NAME_INVALID_DETAILS,
|
| UTF8ToUTF16(request_url.host()),
|
| - UTF8ToUTF16(dns_names[i]),
|
| + net::EscapeForHTML(
|
| + UTF8ToUTF16(dns_names[i])),
|
| UTF8ToUTF16(request_url.host()));
|
| short_description = l10n_util::GetStringUTF16(
|
| IDS_CERT_ERROR_COMMON_NAME_INVALID_DESCRIPTION);
|
| @@ -64,7 +66,7 @@
|
| extra_info.push_back(
|
| l10n_util::GetStringFUTF16(
|
| IDS_CERT_ERROR_COMMON_NAME_INVALID_EXTRA_INFO_2,
|
| - UTF8ToUTF16(cert->subject().common_name),
|
| + net::EscapeForHTML(UTF8ToUTF16(cert->subject().common_name)),
|
| UTF8ToUTF16(request_url.host())));
|
| break;
|
| }
|
|
|