diff --git a/app/views/content_viewer/_publishing_info.html.erb b/app/views/content_viewer/_publishing_info.html.erb index 1b3daff..92847fa 100644 --- a/app/views/content_viewer/_publishing_info.html.erb +++ b/app/views/content_viewer/_publishing_info.html.erb @@ -3,7 +3,7 @@ <%= show_time(@page.published_at) %> - <%= _(", by %s") % (@page.author ? link_to(@page.author_name, @page.author_url) : @page.author_name) %> + <%= _(", by %s").html_safe % (@page.author ? link_to(@page.author_name, @page.author_url) : @page.author_name) %> <% unless @no_comments %> diff --git a/test/integration/safe_strings_test.rb b/test/integration/safe_strings_test.rb index 414e3a2..52e6cb4 100644 --- a/test/integration/safe_strings_test.rb +++ b/test/integration/safe_strings_test.rb @@ -92,4 +92,12 @@ class SafeStringsTest < ActionDispatch::IntegrationTest get "/myprofile/marley" assert_select ".pending-tasks ul li a" end + + should 'not escape author link in publishing info of article' do + create_user('jimi', :password => 'test', :password_confirmation => 'test').activate + person = Person['jimi'] + article = fast_create(Article, author_id: person.id, profile_id: person.id) + get url_for(article.view_url) + assert_select ".publishing-info .author a" + end end -- libgit2 0.21.2