From 4bcf7792f826a42e21df08847926feb75da1f2c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?=
Date: Thu, 30 Jul 2015 14:39:28 -0400
Subject: [PATCH] xss fix

---
 src/controllers/index.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/controllers/index.js b/src/controllers/index.js
index 25e0b7f1ee..f08d696765 100644
--- a/src/controllers/index.js
+++ b/src/controllers/index.js
@@ -181,7 +181,7 @@ Controllers.robots = function (req, res) {
 Controllers.outgoing = function(req, res, next) {
 var url = req.query.url,
 data = {
- url: url,
+ url: validator.escape(url),
 title: meta.config.title,
 breadcrumbs: helpers.buildBreadcrumbs([{text: '[[notifications:outgoing_link]]'}])
 };
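Review bot: The escaped `url` in the `data` literal is still never checked to be a string holding an http(s) address. HTML-escaping stops markup injection, but it leaves the scheme alone, so if the outgoing template puts this value in an `href` (the template is not visible here), a non-http scheme would still render as a live link. `req.query.url` can also be absent or an array, depending on the query string. I would guard before building `data`, for example `if (typeof url !== 'string' || !validator.isURL(url, { protocols: ['http', 'https'], require_protocol: true })) { return next(); }`, and keep the escape for rendering. The hunk does not show `validator` being required in this file, and the body of `Controllers.outgoing` continues past it, so both are worth confirming.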