From 3961268597abba4c2b231790cb4aa7936e73cdf8 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jo@mein.io>
Date: Fri, 15 Nov 2019 19:05:05 +0100
Subject: [PATCH] luci-app-firewall: fix stored XSS in rule-details.lua

A previous fix to this file failed to address a second instance of the
same issue.

Fixes: c048f23ba ("luci-app-firewall: fix stored XSS in rule- and forward detail pages")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
---
 .../luasrc/model/cbi/firewall/rule-details.lua                  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua
index 48329c8b2..df6677129 100644
--- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua
+++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua
@@ -190,7 +190,7 @@ else
 		name = translate("(Unnamed Rule)")
 	end
 
-	m.title = "%s - %s" %{ translate("Firewall - Traffic Rules"), name }
+	m.title = "%s - %s" %{ translate("Firewall - Traffic Rules"), luci.util.pcdata(name) }
 
 
 	s = m:section(NamedSection, arg[1], "rule", "")
-- 
2.25.1