Commit 38000a7a3bbbf8238951758ef0bec717e6f265e3
1 parent
4d5aaa35
Exists in
master
avoid escape html on body and abstract proposals
Showing
3 changed files
with
6 additions
and
6 deletions
Show diff stats
views/content_viewer/_proposal_card.html.erb
| @@ -19,7 +19,7 @@ | @@ -19,7 +19,7 @@ | ||
| 19 | </div> | 19 | </div> |
| 20 | <% end %> | 20 | <% end %> |
| 21 | <div class="abstract"> | 21 | <div class="abstract"> |
| 22 | - <%= proposal_card.abstract %> | 22 | + <%= proposal_card.abstract.html_safe %> |
| 23 | </div> | 23 | </div> |
| 24 | <div class="score"> | 24 | <div class="score"> |
| 25 | <%= proposal_score(proposal_card) %> | 25 | <%= proposal_score(proposal_card) %> |
views/content_viewer/proposal.html.erb
| 1 | <span class="created-at"> | 1 | <span class="created-at"> |
| 2 | <span class="date"><%= show_date(proposal.published_at) %></span> | 2 | <span class="date"><%= show_date(proposal.published_at) %></span> |
| 3 | - <span class="author"><%= _(", by %s") % (proposal.author ? link_to(proposal.author_name, proposal.author_url) : proposal.author_name) %></span> | ||
| 4 | - <span class="comments"><%= _(" - %s") % link_to_comments(proposal) %></span> | 3 | + <span class="author"><%= _(", by %s").html_safe % (proposal.author ? link_to(proposal.author_name, proposal.author_url) : proposal.author_name) %></span> |
| 4 | + <span class="comments"><%= _(" - %s").html_safe % link_to_comments(proposal) %></span> | ||
| 5 | </span> | 5 | </span> |
| 6 | 6 | ||
| 7 | <div class="discussion"> | 7 | <div class="discussion"> |
| @@ -13,11 +13,11 @@ | @@ -13,11 +13,11 @@ | ||
| 13 | <%= topic_title proposal.topic %> | 13 | <%= topic_title proposal.topic %> |
| 14 | 14 | ||
| 15 | <div class="abstract"> | 15 | <div class="abstract"> |
| 16 | - <div class="content"><%= proposal.abstract %></div> | 16 | + <div class="content"><%= proposal.abstract.html_safe %></div> |
| 17 | </div> | 17 | </div> |
| 18 | 18 | ||
| 19 | <div class="body"> | 19 | <div class="body"> |
| 20 | - <div class="content"><%= proposal.body %></div> | 20 | + <div class="content"><%= proposal.body.html_safe %></div> |
| 21 | </div> | 21 | </div> |
| 22 | 22 | ||
| 23 | <% if proposal.created_by == user && !proposal.published %> | 23 | <% if proposal.created_by == user && !proposal.published %> |
views/proposals_discussion_plugin_myprofile/select_topic.html.erb