merge with master

Leandro Santos
2 parents c09dd81f 86688d49
Showing 3 changed files with 10 additions and 4 deletions Show diff stats
app/views/comment/_comment.html.erb
plugins/comment_paragraph/test/functional/content_viewer_controller_test.rb
plugins/comment_paragraph/views/comment_paragraph_plugin_profile/_comment_paragraph.html.erb
@@ -38,7 +38,7 @@
       <div class="comment-created-at">
         <%= show_time(comment.created_at) %>
       </div>
-      <h4><%= comment.title.blank? && '&nbsp;' || sanitize(comment.title) %></h4>
+      <h4><%= comment.title.blank? && '&nbsp;'.html_safe || sanitize(comment.title) %></h4>
       <div class="comment-text">
         <p/>
         <%= txt2html sanitize(comment.body) %>
@@ -26,4 +26,12 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     assert_tag 'div', :attributes => {:class => 'comment_paragraph'}
   end
+  should 'parse article body with correct html escape' do
+    comment1 = fast_create(Comment, :paragraph_uuid => 0, :source_id => page.id)
+    @page.body='<p><strong>inner text</strong></p>'
+    @page.save
+    get :view_page, @page.url
+    assert_tag 'div', :content => 'inner text', :attributes => {:class => 'comment_paragraph'}
+  end
+
 end
 <div class="comment-paragraph-plugin comments" id="comment-paragraph-plugin_<%= paragraph_uuid %>" data-paragraph="<%= paragraph_uuid %>">
-  <div class="comment_paragraph">
-    <%= inner_html %>
-  </div>
+  <div class="comment_paragraph"><%= inner_html.html_safe %></div>
   <div class="side-comments-counter-container">
     <div class="side-comments-counter">
       <span class='comment-count-container <%= count==0 ? 'no-comments-yet':'' %>'>
	@@ -38,7 +38,7 @@		@@ -38,7 +38,7 @@
38	<div class="comment-created-at">	38	<div class="comment-created-at">
39	<%= show_time(comment.created_at) %>	39	<%= show_time(comment.created_at) %>
40	</div>	40	</div>
41	- <h4><%= comment.title.blank? && ' ' \|\| sanitize(comment.title) %></h4>	41	+ <h4><%= comment.title.blank? && ' '.html_safe \|\| sanitize(comment.title) %></h4>
42	<div class="comment-text">	42	<div class="comment-text">
43	<p/>	43	<p/>
44	<%= txt2html sanitize(comment.body) %>	44	<%= txt2html sanitize(comment.body) %>
	@@ -26,4 +26,12 @@ class ContentViewerControllerTest < ActionController::TestCase		@@ -26,4 +26,12 @@ class ContentViewerControllerTest < ActionController::TestCase
26	assert_tag 'div', :attributes => {:class => 'comment_paragraph'}	26	assert_tag 'div', :attributes => {:class => 'comment_paragraph'}
27	end	27	end
28		28
		29	+ should 'parse article body with correct html escape' do
		30	+ comment1 = fast_create(Comment, :paragraph_uuid => 0, :source_id => page.id)
		31	+ @page.body='<p><strong>inner text</strong></p>'
		32	+ @page.save
		33	+ get :view_page, @page.url
		34	+ assert_tag 'div', :content => 'inner text', :attributes => {:class => 'comment_paragraph'}
		35	+ end
		36	+
29	end	37	end
1	<div class="comment-paragraph-plugin comments" id="comment-paragraph-plugin_<%= paragraph_uuid %>" data-paragraph="<%= paragraph_uuid %>">	1	<div class="comment-paragraph-plugin comments" id="comment-paragraph-plugin_<%= paragraph_uuid %>" data-paragraph="<%= paragraph_uuid %>">
2	- <div class="comment_paragraph">
3	- <%= inner_html %>
4	- </div>	2	+ <div class="comment_paragraph"><%= inner_html.html_safe %></div>
5	<div class="side-comments-counter-container">	3	<div class="side-comments-counter-container">
6	<div class="side-comments-counter">	4	<div class="side-comments-counter">
7	<span class='comment-count-container <%= count==0 ? 'no-comments-yet':'' %>'>	5	<span class='comment-count-container <%= count==0 ? 'no-comments-yet':'' %>'>