avoid escape html on body and abstract proposals

Leandro Santos
1 parent 4d5aaa35
Showing 3 changed files with 6 additions and 6 deletions Show diff stats
views/content_viewer/_proposal_card.html.erb
views/content_viewer/proposal.html.erb
views/proposals_discussion_plugin_myprofile/select_topic.html.erb
@@ -19,7 +19,7 @@
       </div>
     <% end %>
     <div class="abstract">
-      <%= proposal_card.abstract %>
+      <%= proposal_card.abstract.html_safe %>
     </div>
     <div class="score">
       <%= proposal_score(proposal_card) %>
 <span class="created-at">
   <span class="date"><%= show_date(proposal.published_at) %></span>
-  <span class="author"><%= _(", by %s") % (proposal.author ? link_to(proposal.author_name, proposal.author_url) : proposal.author_name) %></span>
-  <span class="comments"><%= _(" - %s") % link_to_comments(proposal) %></span>
+  <span class="author"><%= _(", by %s").html_safe % (proposal.author ? link_to(proposal.author_name, proposal.author_url) : proposal.author_name) %></span>
+  <span class="comments"><%= _(" - %s").html_safe % link_to_comments(proposal) %></span>
 </span>
  
 <div class="discussion">
@@ -13,11 +13,11 @@
 <%= topic_title proposal.topic %>
  
 <div class="abstract">
-  <div class="content"><%= proposal.abstract %></div>
+  <div class="content"><%= proposal.abstract.html_safe %></div>
 </div>
  
 <div class="body">
-  <div class="content"><%= proposal.body %></div>
+  <div class="content"><%= proposal.body.html_safe %></div>
 </div>
  
 <% if proposal.created_by == user && !proposal.published %>
@@ -22,7 +22,7 @@
           <%= topic.title %>
         </h4>
         <div class="content">
-          <%= topic.body %>
+          <%= topic.body.html_safe %>
         </div>
       <% end %>
...	...	@@ -19,7 +19,7 @@
19	19	</div>
20	20	<% end %>
21	21	<div class="abstract">
22		- <%= proposal_card.abstract %>
	22	+ <%= proposal_card.abstract.html_safe %>
23	23	</div>
24	24	<div class="score">
25	25	<%= proposal_score(proposal_card) %>
...	...
1	1	<span class="created-at">
2	2	<span class="date"><%= show_date(proposal.published_at) %></span>
3		- <span class="author"><%= _(", by %s") % (proposal.author ? link_to(proposal.author_name, proposal.author_url) : proposal.author_name) %></span>
4		- <span class="comments"><%= _(" - %s") % link_to_comments(proposal) %></span>
	3	+ <span class="author"><%= _(", by %s").html_safe % (proposal.author ? link_to(proposal.author_name, proposal.author_url) : proposal.author_name) %></span>
	4	+ <span class="comments"><%= _(" - %s").html_safe % link_to_comments(proposal) %></span>
5	5	</span>
6	6
7	7	<div class="discussion">
...	...	@@ -13,11 +13,11 @@
13	13	<%= topic_title proposal.topic %>
14	14
15	15	<div class="abstract">
16		- <div class="content"><%= proposal.abstract %></div>
	16	+ <div class="content"><%= proposal.abstract.html_safe %></div>
17	17	</div>
18	18
19	19	<div class="body">
20		- <div class="content"><%= proposal.body %></div>
	20	+ <div class="content"><%= proposal.body.html_safe %></div>
21	21	</div>
22	22
23	23	<% if proposal.created_by == user && !proposal.published %>
...	...
...	...	@@ -22,7 +22,7 @@
22	22	<%= topic.title %>
23	23	</h4>
24	24	<div class="content">
25		- <%= topic.body %>
	25	+ <%= topic.body.html_safe %>
26	26	</div>
27	27	<% end %>
28	28
...	...