Commit f386c3a4115071c4d0ee145466d7e4feda89a64d
1 parent
20ce2db1
Exists in
staging
and in
42 other branches
ActionItem1225: escape with CGI.escape
Showing
2 changed files
with
2 additions
and
2 deletions
Show diff stats
app/controllers/public/profile_controller.rb
| ... | ... | @@ -19,7 +19,7 @@ class ProfileController < PublicController |
| 19 | 19 | |
| 20 | 20 | def tag |
| 21 | 21 | @tag = params[:id] |
| 22 | - @tag_cache_key = "tag_#{@tag.to_s.gsub(' ', '%20')}_#{profile.id.to_s}_page_#{params[:npage]}" | |
| 22 | + @tag_cache_key = "tag_#{CGI.escape(@tag.to_s)}_#{profile.id.to_s}_page_#{params[:npage]}" | |
| 23 | 23 | if is_cache_expired?(@tag_cache_key, true) |
| 24 | 24 | @tagged = profile.find_tagged_with(@tag).paginate(:per_page => 20, :page => params[:npage]) |
| 25 | 25 | end | ... | ... |
app/controllers/public/search_controller.rb
| ... | ... | @@ -230,7 +230,7 @@ class SearchController < PublicController |
| 230 | 230 | |
| 231 | 231 | def tag |
| 232 | 232 | @tag = environment.tags.find_by_name(params[:tag]) |
| 233 | - @tag_cache_key = "tag_#{@tag.to_s.gsub(' ', '%20')}_env_#{environment.id.to_s}_page_#{params[:npage]}" | |
| 233 | + @tag_cache_key = "tag_#{CGI.escape(@tag.to_s)}_env_#{environment.id.to_s}_page_#{params[:npage]}" | |
| 234 | 234 | if is_cache_expired?(@tag_cache_key, true) |
| 235 | 235 | @tagged = environment.articles.find_tagged_with(@tag).paginate(:per_page => 10, :page => params[:npage]) |
| 236 | 236 | end | ... | ... |