not escape HTML of link to read more article on blog index with short format

Melissa Wen
1 parent eb631713
Showing 2 changed files with 13 additions and 2 deletions Show diff stats
app/helpers/application_helper.rb
test/integration/safe_strings_test.rb
@@ -723,11 +723,11 @@ module ApplicationHelper
   def display_short_format(article, options={})
     options[:comments_link] ||= true
     options[:read_more_link] ||= true
+    lead_links = (options[:comments_link] ? link_to_comments(article) : '') + (options[:read_more_link] ? reference_to_article( _('Read more'), article) : '')
     html = content_tag('div',
              article.lead +
              content_tag('div',
-               (options[:comments_link] ? link_to_comments(article) : '') +
-               (options[:read_more_link] ? reference_to_article( _('Read more'), article) : ''),
+               lead_links.html_safe,
                :class => 'read-more'
              ),
              :class => 'short-post'
@@ -175,4 +175,15 @@ class SafeStringsTest &lt; ActionDispatch::IntegrationTest
     assert_select '.icon-selector .icon-edit'
   end
  
+  should 'not escape read more link to article on display short format' do
+    profile = fast_create Profile
+    blog = fast_create Blog, :name => 'Blog', :profile_id => profile.id
+    fast_create(TinyMceArticle, :name => "Post Test", :profile_id => profile.id, :parent_id => blog.id, :accept_comments => false, :body => '<p>Lorem ipsum dolor sit amet</p>')
+    blog.update_attribute(:visualization_format, 'short')
+
+    get "/#{profile.identifier}/blog"
+    assert_tag :tag => 'div', :attributes => {:class => 'read-more'}, :child => {:tag => 'a', :content => 'Read more'}
+  end
+
+
 end
...	...	@@ -723,11 +723,11 @@ module ApplicationHelper
723	723	def display_short_format(article, options={})
724	724	options[:comments_link] \|\|= true
725	725	options[:read_more_link] \|\|= true
	726	+ lead_links = (options[:comments_link] ? link_to_comments(article) : '') + (options[:read_more_link] ? reference_to_article( _('Read more'), article) : '')
726	727	html = content_tag('div',
727	728	article.lead +
728	729	content_tag('div',
729		- (options[:comments_link] ? link_to_comments(article) : '') +
730		- (options[:read_more_link] ? reference_to_article( _('Read more'), article) : ''),
	730	+ lead_links.html_safe,
731	731	:class => 'read-more'
732	732	),
733	733	:class => 'short-post'
...	...
...	...	@@ -175,4 +175,15 @@ class SafeStringsTest < ActionDispatch::IntegrationTest
175	175	assert_select '.icon-selector .icon-edit'
176	176	end
177	177
	178	+ should 'not escape read more link to article on display short format' do
	179	+ profile = fast_create Profile
	180	+ blog = fast_create Blog, :name => 'Blog', :profile_id => profile.id
	181	+ fast_create(TinyMceArticle, :name => "Post Test", :profile_id => profile.id, :parent_id => blog.id, :accept_comments => false, :body => '<p>Lorem ipsum dolor sit amet</p>')
	182	+ blog.update_attribute(:visualization_format, 'short')
	183	+
	184	+ get "/#{profile.identifier}/blog"
	185	+ assert_tag :tag => 'div', :attributes => {:class => 'read-more'}, :child => {:tag => 'a', :content => 'Read more'}
	186	+ end
	187	+
	188	+
178	189	end
...	...