d00bfa06dc2a084d1915779c2175a4d8bff0c879
galt
  Mon Sep 19 16:56:07 2016 -0700
fixing XSS problem in phyloGif

diff --git src/hg/phyloGif/phyloGif.c src/hg/phyloGif/phyloGif.c
index 9c7b6ed..4103ca5 100644
--- src/hg/phyloGif/phyloGif.c
+++ src/hg/phyloGif/phyloGif.c
@@ -630,32 +630,32 @@
 errCatchEnd(errCatch);
 if (errCatch->gotError)
     {
     errMsg = cloneString(errCatch->message->string);
     }
 errCatchFree(&errCatch);
 if (errMsg)
     {
     if (onWeb)
 	{
 	printf("Content-type: text/html\r\n");
 	printf("\r\n");
 	puts("<html><head><title>PhyloTree parse error</title></head><body><pre>");
 	/* we dont think the specific error message coming back are correct or useful
 	 * so supply a generic err msg */
-    	printf("Original input tree:\n[%s]\n\n",cgiString("phyloGif_tree"));
-    	printf("Input tree as passed to parser:\n[%s]\n\n",phyloData);
+    	htmlPrintf("Original input tree:\n[%s]\n\n",cgiString("phyloGif_tree"));
+    	htmlPrintf("Input tree as passed to parser:\n[%s]\n\n",phyloData);
     	printf("Parser syntax error:\n%s",errMsg);
     	puts("</pre></body></html>");
 	}
     else
 	{
     	warn("%s", errMsg);
 	}
     freez(&errMsg);    
     freez(&phyloData);
     return 0;
     }
 }