Commit 38000a7a3bbbf8238951758ef0bec717e6f265e3
1 parent
4d5aaa35
Exists in
master
avoid escape html on body and abstract proposals
Showing
3 changed files
with
6 additions
and
6 deletions
Show diff stats
views/content_viewer/_proposal_card.html.erb
views/content_viewer/proposal.html.erb
1 | 1 | <span class="created-at"> |
2 | 2 | <span class="date"><%= show_date(proposal.published_at) %></span> |
3 | - <span class="author"><%= _(", by %s") % (proposal.author ? link_to(proposal.author_name, proposal.author_url) : proposal.author_name) %></span> | |
4 | - <span class="comments"><%= _(" - %s") % link_to_comments(proposal) %></span> | |
3 | + <span class="author"><%= _(", by %s").html_safe % (proposal.author ? link_to(proposal.author_name, proposal.author_url) : proposal.author_name) %></span> | |
4 | + <span class="comments"><%= _(" - %s").html_safe % link_to_comments(proposal) %></span> | |
5 | 5 | </span> |
6 | 6 | |
7 | 7 | <div class="discussion"> |
... | ... | @@ -13,11 +13,11 @@ |
13 | 13 | <%= topic_title proposal.topic %> |
14 | 14 | |
15 | 15 | <div class="abstract"> |
16 | - <div class="content"><%= proposal.abstract %></div> | |
16 | + <div class="content"><%= proposal.abstract.html_safe %></div> | |
17 | 17 | </div> |
18 | 18 | |
19 | 19 | <div class="body"> |
20 | - <div class="content"><%= proposal.body %></div> | |
20 | + <div class="content"><%= proposal.body.html_safe %></div> | |
21 | 21 | </div> |
22 | 22 | |
23 | 23 | <% if proposal.created_by == user && !proposal.published %> | ... | ... |