Commit 32a6e23d4bddf6377c9e6676366f9fbbd16f881c

Authored by Marcos Pereira
1 parent 3939a7eb
Exists in new_security

fix safe_join calls and html_safe for blog_archives_block

app/helpers/events_helper.rb
1 1 module EventsHelper
2 2  
3 3 include DatesHelper
  4 + include ActionView::Helpers::OutputSafetyHelper
  5 +
4 6 def list_events(date, events)
5 7 title = _('Events for %s') % show_date_month(date)
6 8 user_events = events.select { |item| item.display_to?(user) }
... ...
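Review bot: The new include ActionView::Helpers::OutputSafetyHelper at the top of EventsHelper has no comment saying why a view helper needs it, and the visible lines of list_events do not show the safe_join call that the commit message refers to. Please add a one-line comment naming the caller that uses this module outside a view context. Also confirm that every element passed to safe_join there is either escaped or already a trusted buffer, since the title and user_events lines shown here build on translated strings and model data.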
app/models/blog_archives_block.rb
... ... @@ -40,9 +40,8 @@ class BlogArchivesBlock < Block
40 40 end
41 41 results << "</ul>"
42 42 end
43   - results.html_safe
44 43 block_title(title) +
45   - content_tag('ul', results, :class => 'blog-archives') +
  44 + content_tag('ul', results.html_safe, :class => 'blog-archives') +
46 45 content_tag('div', link_to(_('Subscribe RSS Feed'), owner_blog.feed.url), :class => 'subscribe-feed')
47 46 end
48 47  
... ...
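Review bot: In content_tag('ul', results.html_safe, :class => 'blog-archives'), html_safe only marks the whole accumulated string as trusted and escapes nothing, so every value concatenated into results above this hunk must already be escaped. Moving the call inline is correct, because the removed standalone results.html_safe discarded its return value and had no effect. However, results is still assembled by hand (results << "</ul>"), which makes that guarantee hard to audit. Consider building the list items with content_tag and joining them with safe_join so only literal markup is trusted. A test that renders an archive entry containing markup characters would pin the behaviour down.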
test/unit/recent_documents_block_test.rb
... ... @@ -2,6 +2,8 @@ require_relative &quot;../test_helper&quot;
2 2  
3 3 class RecentDocumentsBlockTest < ActiveSupport::TestCase
4 4  
  5 + include ActionView::Helpers::OutputSafetyHelper
  6 +
5 7 def setup
6 8 @articles = []
7 9 @profile = create_user('testinguser').person
... ...
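Review bot: Including ActionView::Helpers::OutputSafetyHelper directly in RecentDocumentsBlockTest can hide a missing include in the code under test. If the block or its helper calls safe_join, the include belongs in that class, and the test should fail without it. If the test body itself calls safe_join, a short comment next to the include saying so would make the intent clear, since setup and the other visible lines do not show where it is used.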