Commit 605725ff76305f9abf1ccebe091489f25409591b

Authored by Alexandre Barbosa
1 parent 6672bb97
Exists in new_security

Fixing tests

4 failures, 0 errors

Signed-off-by: Alexandre Barbosa <alexandreab@live.com>
Signed-off-by: Arthur Jahn <stutrzbecher@gmail.com>
Signed-off-by: David Carlos <ddavidcarlos1392@gmail.com>
app/helpers/application_helper.rb
... ... @@ -567,15 +567,15 @@ module ApplicationHelper
567 567 links = links_for_balloon(profile)
568 568 content_tag('div', content_tag(tag,
569 569 (environment.enabled?(:show_balloon_with_profile_links_when_clicked) ?
570   - popover_menu(_('Profile links'),profile.short_name,links,{:class => trigger_class, :url => url}) : "") +
  570 + popover_menu(_('Profile links'),profile.short_name,links,{:class => trigger_class, :url => url}) : "").html_safe +
571 571 link_to(
572 572 content_tag( 'span', profile_image( profile, size ), :class => img_class ) +
573 573 content_tag( 'span', h(name), :class => ( profile.class == Person ? 'fn' : 'org' ) ) +
574 574 extra_info_tag + profile_sex_icon( profile ),
575   - profile.url,
  575 + url,
576 576 :class => 'profile_link url',
577 577 :help => _('Click on this icon to go to the <b>%s</b>\'s home page') % profile.name,
578   - :title => profile.name ),
  578 + :title => profile.name ).html_safe,
579 579 :class => 'vcard'), :class => 'common-profile-list-block')
580 580 end
581 581  
... ... @@ -835,7 +835,7 @@ module ApplicationHelper
835 835 end
836 836 else
837 837 if profile.active_fields.include?(name)
838   - result = content_tag('div', field_html + profile_field_privacy_selector(profile, name), :class => 'field-with-privacy-selector-R1')
  838 + result = content_tag('div', field_html + profile_field_privacy_selector(profile, name), :class => 'field-with-privacy-selector')
839 839 end
840 840 end
841 841  
... ... @@ -1392,7 +1392,7 @@ module ApplicationHelper
1392 1392 html = @plugins.pipeline(:parse_content, html, source).first
1393 1393 end
1394 1394  
1395   - html.html_safe && html
  1395 + html && html.html_safe
1396 1396 end
1397 1397  
1398 1398 def convert_macro(html, source)
... ...
app/helpers/box_organizer_helper.rb
... ... @@ -38,7 +38,7 @@ module BoxOrganizerHelper
38 38 content_tag(:ul,
39 39 images_path.map do |preview|
40 40 content_tag(:li, image_tag(preview, height: '240', alt: ''))
41   - end.join("\n")
  41 + end.join("\n").html_safe
42 42 )
43 43 end
44 44  
... ...
app/helpers/boxes_helper.rb
... ... @@ -282,7 +282,7 @@ module BoxesHelper
282 282 buttons << modal_inline_icon(:embed, _('Embed code'), {}, "#embed-code-box-#{block.id}") << html
283 283 end
284 284  
285   - content_tag('div', buttons.join("\n") + tag('br', :style => 'clear: left'), :class => 'button-bar')
  285 + content_tag('div', buttons.join("\n").html_safe + tag('br', :style => 'clear: left'), :class => 'button-bar')
286 286 end
287 287  
288 288 def current_blocks
... ...
app/helpers/language_helper.rb
... ... @@ -40,7 +40,7 @@ module LanguageHelper
40 40 else
41 41 link_to(name, params.merge(:lang => code), :rel => 'nofollow')
42 42 end
43   - end.join(separator)
  43 + end.join(separator).html_safe
44 44 content_tag('div', languages, :id => 'language-chooser', :help => _('The language you choose here is the language used for options, buttons, etc. It does not affect the language of the content created by other users.'))
45 45 end
46 46 end
... ...
app/models/blog_archives_block.rb
... ... @@ -36,7 +36,7 @@ class BlogArchivesBlock &lt; Block
36 36 results << content_tag('li', content_tag('strong', "#{year.to_i} (#{count})"))
37 37 results << "<ul class='#{year.to_i}-archive'>"
38 38 posts.except(:order).where('EXTRACT(YEAR FROM published_at)=?', year.to_i).group('EXTRACT(MONTH FROM published_at)').count.sort_by {|month, count| -month.to_i}.each do |month, count|
39   - results << content_tag('li', link_to("#{month_name(month.to_i)} (#{count})", owner_blog.url.merge(year: year.to_i, month: month.to_i)))
  39 + results << content_tag('li', link_to("#{month_name(month.to_i)} (#{count})", url_for(owner_blog.url.merge(year: year.to_i, month: month.to_i)).html_safe))
40 40 end
41 41 results << "</ul>"
42 42 end
... ...
app/views/profile/index.html.erb
... ... @@ -5,7 +5,7 @@
5 5 <% else %>
6 6 <% unless profile.description.blank? %>
7 7 <div class='public-profile-description'>
8   - <%= profile.description %>
  8 + <%= raw profile.description %>
9 9 </div>
10 10 <% end %>
11 11 <div id='public-profile-search'>
... ...
app/views/profile_editor/_organization.html.erb
... ... @@ -41,7 +41,7 @@
41 41 <div id="profile-identifier-formitem">
42 42 <%= required labelled_form_field( _('Address'),
43 43 content_tag('code',
44   - url_for(profile.url).gsub(/#{profile.identifier}$/, '') +
  44 + url_for(profile.url).gsub(/#{profile.identifier}$/, '').html_safe +
45 45 text_field(:profile_data, :identifier, :onchange => "warn_value_change()", :size => 25)
46 46 ) +
47 47 content_tag('div',
... ...
test/functional/profile_controller_test.rb
... ... @@ -512,7 +512,7 @@ class ProfileControllerTest &lt; ActionController::TestCase
512 512 should 'show description of orgarnization' do
513 513 login_as(@profile.identifier)
514 514 ent = fast_create(Enterprise)
515   - ent.description = 'Enterprise\'s description'
  515 + ent.description = "<span>Enterprise's description</span>"
516 516 ent.save
517 517 get :index, :profile => ent.identifier
518 518 assert_tag :tag => 'div', :attributes => { :class => 'public-profile-description' }, :content => /Enterprise\'s description/
... ...