Commit 4e618c2c293a34e819ca81cfb53ccd64f71f6521
1 parent
ea29ebc4
Exists in
staging
and in
30 other branches
fix html escape of article in plugin comment paragraph
Showing
2 changed files
with
9 additions
and
3 deletions
Show diff stats
plugins/comment_paragraph/test/functional/content_viewer_controller_test.rb
| ... | ... | @@ -26,4 +26,12 @@ class ContentViewerControllerTest < ActionController::TestCase |
| 26 | 26 | assert_tag 'div', :attributes => {:class => 'comment_paragraph'} |
| 27 | 27 | end |
| 28 | 28 | |
| 29 | + should 'parse article body with correct html escape' do | |
| 30 | + comment1 = fast_create(Comment, :paragraph_uuid => 0, :source_id => page.id) | |
| 31 | + @page.body='<p><strong>inner text</strong></p>' | |
| 32 | + @page.save | |
| 33 | + get :view_page, @page.url | |
| 34 | + assert_tag 'div', :content => 'inner text', :attributes => {:class => 'comment_paragraph'} | |
| 35 | + end | |
| 36 | + | |
| 29 | 37 | end | ... | ... |
plugins/comment_paragraph/views/comment_paragraph_plugin_profile/_comment_paragraph.html.erb
| 1 | 1 | <div class="comment-paragraph-plugin comments" id="comment-paragraph-plugin_<%= paragraph_uuid %>" data-paragraph="<%= paragraph_uuid %>"> |
| 2 | - <div class="comment_paragraph"> | |
| 3 | - <%= inner_html %> | |
| 4 | - </div> | |
| 2 | + <div class="comment_paragraph"><%= inner_html.html_safe %></div> | |
| 5 | 3 | <div class="side-comments-counter-container"> |
| 6 | 4 | <div class="side-comments-counter"> |
| 7 | 5 | <span class='comment-count-container <%= count==0 ? 'no-comments-yet':'' %>'> | ... | ... |