From b4bb45451820d40b519f0bb8968ac040974b13d2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Terrier?= <fterrier@gmail.com>
Date: Thu, 20 Jun 2013 14:29:58 +0200
Subject: [PATCH 1/2] html encode the url when it is written to the page

---
 Resources/views/layout.html.twig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Resources/views/layout.html.twig b/Resources/views/layout.html.twig
index c89d590..9d2c69b 100644
--- a/Resources/views/layout.html.twig
+++ b/Resources/views/layout.html.twig
@@ -139,7 +139,7 @@
                 };
 
                 var displayFinalUrl = function(xhr, method, url, container) {
-                    container.html(method + ' ' + url);
+                    container.html(method + ' ' + $('<div>').text(url).html());
                 };
 
                 var displayResponseData = function(xhr, container) {

From 9236e9471ded84643f58f7de4f57fdd4897dff35 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Terrier?= <fterrier@gmail.com>
Date: Thu, 20 Jun 2013 15:05:02 +0200
Subject: [PATCH 2/2] using a simpler version

---
 Resources/views/layout.html.twig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Resources/views/layout.html.twig b/Resources/views/layout.html.twig
index 9d2c69b..87777fc 100644
--- a/Resources/views/layout.html.twig
+++ b/Resources/views/layout.html.twig
@@ -139,7 +139,7 @@
                 };
 
                 var displayFinalUrl = function(xhr, method, url, container) {
-                    container.html(method + ' ' + $('<div>').text(url).html());
+                    container.text(method + ' ' + url);
                 };
 
                 var displayResponseData = function(xhr, container) {