Download as
Browse Code »

Commit 32a6e23d4bddf6377c9e6676366f9fbbd16f881c

Authored by Marcos Pereira
1 parent 3939a7eb
Exists in new_security

fix safe_join calls and html_safe for blog_archives_block

Showing 3 changed files with 5 additions and 2 deletions   Show diff stats
app/helpers/events_helper.rb
  Diff comments   View file @32a6e23
1 module EventsHelper 1 module EventsHelper
2 2
3 include DatesHelper 3 include DatesHelper
  4 + include ActionView::Helpers::OutputSafetyHelper
  5 +
4 def list_events(date, events) 6 def list_events(date, events)
5 title = _('Events for %s') % show_date_month(date) 7 title = _('Events for %s') % show_date_month(date)
6 user_events = events.select { |item| item.display_to?(user) } 8 user_events = events.select { |item| item.display_to?(user) }
app/models/blog_archives_block.rb
  Diff comments   View file @32a6e23
@@ -40,9 +40,8 @@ class BlogArchivesBlock < Block @@ -40,9 +40,8 @@ class BlogArchivesBlock < Block
40 end 40 end
41 results << "</ul>" 41 results << "</ul>"
42 end 42 end
43 - results.html_safe  
44 block_title(title) + 43 block_title(title) +
45 - content_tag('ul', results, :class => 'blog-archives') + 44 + content_tag('ul', results.html_safe, :class => 'blog-archives') +
46 content_tag('div', link_to(_('Subscribe RSS Feed'), owner_blog.feed.url), :class => 'subscribe-feed') 45 content_tag('div', link_to(_('Subscribe RSS Feed'), owner_blog.feed.url), :class => 'subscribe-feed')
47 end 46 end
48 47
test/unit/recent_documents_block_test.rb
  Diff comments   View file @32a6e23
@@ -2,6 +2,8 @@ require_relative &quot;../test_helper&quot; @@ -2,6 +2,8 @@ require_relative &quot;../test_helper&quot;
2 2
3 class RecentDocumentsBlockTest < ActiveSupport::TestCase 3 class RecentDocumentsBlockTest < ActiveSupport::TestCase
4 4
  5 + include ActionView::Helpers::OutputSafetyHelper
  6 +
5 def setup 7 def setup
6 @articles = [] 8 @articles = []
7 @profile = create_user('testinguser').person 9 @profile = create_user('testinguser').person