Commit f8169e9275e463a0cf1d39d947bfaf719575e908
1 parent
e8dc04bb
Exists in
theme-brasil-digital-from-staging
and in
9 other branches
video_plugin: fix html escape
Showing
1 changed file
with
3 additions
and
3 deletions
Show diff stats
plugins/video/views/content_viewer/_video.html.erb
| @@ -3,7 +3,7 @@ | @@ -3,7 +3,7 @@ | ||
| 3 | <link type="text/css" rel="stylesheet" href="https://vjs.zencdn.net/4.5.1/video-js.css" /> | 3 | <link type="text/css" rel="stylesheet" href="https://vjs.zencdn.net/4.5.1/video-js.css" /> |
| 4 | <video id="embedded_video" src="" class="video-js vjs-default-skin vjs-big-play-centered" controls preload="auto" | 4 | <video id="embedded_video" src="" class="video-js vjs-default-skin vjs-big-play-centered" controls preload="auto" |
| 5 | width="<%= @page.fitted_width %>" height="<%= @page.fitted_height %>" | 5 | width="<%= @page.fitted_width %>" height="<%= @page.fitted_height %>" |
| 6 | - data-setup='{ "techOrder": ["youtube"], "src": "<%= @page.video_url %>" }'> | 6 | + data-setup='<%=CGI::escapeHTML("{ \"techOrder\": [\"youtube\"], \"src\": \"#{@page.video_url}\" }") %>'> |
| 7 | <%= @page.no_browser_support_message %> | 7 | <%= @page.no_browser_support_message %> |
| 8 | </video> | 8 | </video> |
| 9 | <script src="https://vjs.zencdn.net/4.5.1/video.js"></script> | 9 | <script src="https://vjs.zencdn.net/4.5.1/video.js"></script> |
| @@ -12,7 +12,7 @@ | @@ -12,7 +12,7 @@ | ||
| 12 | <link type="text/css" rel="stylesheet" href="https://vjs.zencdn.net/4.5.1/video-js.css" /> | 12 | <link type="text/css" rel="stylesheet" href="https://vjs.zencdn.net/4.5.1/video-js.css" /> |
| 13 | <video id="embedded_video" src="" class="video-js vjs-default-skin vjs-big-play-centered" controls preload="auto" | 13 | <video id="embedded_video" src="" class="video-js vjs-default-skin vjs-big-play-centered" controls preload="auto" |
| 14 | width="<%= @page.fitted_width %>" height="<%= @page.fitted_height %>" | 14 | width="<%= @page.fitted_width %>" height="<%= @page.fitted_height %>" |
| 15 | - data-setup='{ "techOrder": ["vimeo"], "src": "<%= @page.video_url %>", "loop": true, "autoplay": false }'> | 15 | + data-setup='<%=CGI::escapeHTML("{ \"techOrder\": [\"video\"], \"src\": \"#{@page.video_url}\", \"loop\": true, \"autoplay\": false }") %>'> |
| 16 | <%= @page.no_browser_support_message %> | 16 | <%= @page.no_browser_support_message %> |
| 17 | </video> | 17 | </video> |
| 18 | <script src="https://vjs.zencdn.net/4.5.1/video.js"></script> | 18 | <script src="https://vjs.zencdn.net/4.5.1/video.js"></script> |
| @@ -31,4 +31,4 @@ | @@ -31,4 +31,4 @@ | ||
| 31 | <br style="clear:both" /> | 31 | <br style="clear:both" /> |
| 32 | </div> | 32 | </div> |
| 33 | <% _("Description:") %> | 33 | <% _("Description:") %> |
| 34 | -<%= @page.body %> | ||
| 35 | \ No newline at end of file | 34 | \ No newline at end of file |
| 35 | +<%= @page.body %> |