Commit dabe481afb873d2e409a03f1b83bfbc849027f44
1 parent
5b5b05f5
Exists in
master
avoid html safe escape
Showing
4 changed files
with
5 additions
and
5 deletions
Show diff stats
lib/proposals_discussion_plugin/topic_helper.rb
| @@ -5,8 +5,8 @@ module ProposalsDiscussionPlugin::TopicHelper | @@ -5,8 +5,8 @@ module ProposalsDiscussionPlugin::TopicHelper | ||
| 5 | image_icon = topic.image ? image_tag(topic.image.public_filename(:thumb), :class => 'disable-zoom') : '' | 5 | image_icon = topic.image ? image_tag(topic.image.public_filename(:thumb), :class => 'disable-zoom') : '' |
| 6 | 6 | ||
| 7 | content_tag(:div, ( | 7 | content_tag(:div, ( |
| 8 | - content_tag(:div, '', :class=>'topic-color', :style => "background-color: #{topic.color};") + | ||
| 9 | - content_tag(:h2, link_to(image_icon + content_tag(:span, topic.title), topic.view_url)) | 8 | + content_tag(:div, '', :class=>'topic-color', :style => "background-color: #{topic.color};".html_safe) + |
| 9 | + content_tag(:h2, link_to((image_icon + content_tag(:span, topic.title)).html_safe, topic.view_url)) | ||
| 10 | ), :class => 'topic-title') | 10 | ), :class => 'topic-title') |
| 11 | end | 11 | end |
| 12 | 12 |
views/content_viewer/discussion.html.erb
| @@ -2,7 +2,7 @@ | @@ -2,7 +2,7 @@ | ||
| 2 | <%= javascript_include_tag 'plugins/proposals_discussion/proposals_list.js' %> | 2 | <%= javascript_include_tag 'plugins/proposals_discussion/proposals_list.js' %> |
| 3 | 3 | ||
| 4 | <div class="description"> | 4 | <div class="description"> |
| 5 | - <%= discussion.body %> | 5 | + <%= (discussion.body||'').html_safe %> |
| 6 | </div> | 6 | </div> |
| 7 | 7 | ||
| 8 | <div class="phases"> | 8 | <div class="phases"> |
views/content_viewer/discussion_topics.html.erb
| @@ -2,7 +2,7 @@ | @@ -2,7 +2,7 @@ | ||
| 2 | <%= javascript_include_tag 'plugins/proposals_discussion/proposals_list.js' %> | 2 | <%= javascript_include_tag 'plugins/proposals_discussion/proposals_list.js' %> |
| 3 | 3 | ||
| 4 | <div class="description"> | 4 | <div class="description"> |
| 5 | - <%= discussion.body %> | 5 | + <%= (discussion.body||'').html_safe %> |
| 6 | </div> | 6 | </div> |
| 7 | 7 | ||
| 8 | <% if discussion.allow_create?(user) %> | 8 | <% if discussion.allow_create?(user) %> |
views/content_viewer/topic.html.erb
| @@ -10,7 +10,7 @@ | @@ -10,7 +10,7 @@ | ||
| 10 | <div class="topic-content"> | 10 | <div class="topic-content"> |
| 11 | 11 | ||
| 12 | <div class="description"> | 12 | <div class="description"> |
| 13 | - <%= topic.body %> | 13 | + <%= (topic.body||'').html_safe %> |
| 14 | </div> | 14 | </div> |
| 15 | 15 | ||
| 16 | <% unless list_view %> | 16 | <% unless list_view %> |