Index: path_redirect.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/path_redirect/path_redirect.module,v
retrieving revision 1.3.2.34
diff -u -r1.3.2.34 path_redirect.module
--- path_redirect.module	20 Apr 2008 01:34:25 -0000	1.3.2.34
+++ path_redirect.module	14 May 2008 00:50:48 -0000
@@ -152,8 +152,8 @@
     $query = $r->query ? "?$r->query" : '';
     $fragment = $r->fragment ? "#$r->fragment" : '';
     $rows[] = array(
-      urldecode($path),
-      check_url($redirect . $query . $fragment),
+      htmlspecialchars(urldecode($path)),
+      htmlspecialchars($redirect . $query . $fragment),
       $types[$r->type]['title'],
       array('data' => l(t('test'), preg_replace('/\?.*/', '', urldecode($path)), NULL, strstr($path, '?') ? preg_replace('/.*\?/', '', $path) : NULL)),
       array('data' => l(t('edit'), 'admin/build/path-redirect/edit/'. $r->rid)),
@@ -494,7 +494,7 @@
       $types = path_redirect_status_codes();
       while ($redirect = db_fetch_object($result)) {
         $form['redirects'][$redirect->rid]['path'] = array(
-          '#value' => urldecode($redirect->path),
+          '#value' => htmlspecialchars(urldecode($redirect->path)),
         );
         $form['redirects'][$redirect->rid]['redirect'] = array(
           '#value' => $redirect->redirect,