Commit d9254d1fbb904e9b58db4e379d962fe0e05e7468

Authored by Antonio Terceiro
1 parent 8a0549d3

Escape every title in the home page

Showing 1 changed file with 4 additions and 4 deletions   Show diff stats
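--- a/app/views/home/index.rhtml
+++ b/app/views/home/index.rhtml
@@ -9,7 +9,7 @@
 <% @highlighted_news.each_with_index do |highlighted, index| %>
 <div class='highlighted-news-item post-<%= index + 1 %>'>
 <div class='highlighted-news-item post-<%= index + 1 %>-inner'>
-<h2><%= link_to(highlighted.title, highlighted.url, :class => 'post-title') %></h2>
+<h2><%= link_to(h(highlighted.title), highlighted.url, :class => 'post-title') %></h2>
 <span class="post-date"><%= show_date(highlighted.published_at, true) %> </span>
 <p class='headline'><%= !highlighted.abstract.blank? ? highlighted.abstract : highlighted.first_paragraph %></p>
 <p class='highlighted-news-read-more'>
@@ -28,7 +28,7 @@
 <% @portal_news.each do |news| %>
 <li>
 <span class="post-date"><%= show_date(news.published_at, true) %> </span>
-<%= link_to(news.title, news.url, :class => 'post-title' ) %>
+<%= link_to(h(news.title), news.url, :class => 'post-title' ) %>
 </li>
 <% end %>
 </ul>
@@ -40,10 +40,10 @@
 <% content_tag(:div, :class => ["news-area", ['even', 'odd'][i%2]].join(' ')) do %>
 <% content_tag(:div, :class => 'news-area-inner-1') do %>
 <% content_tag(:div, :class => 'news-area-inner-2') do %>
-<h3><%= link_to folder.title, folder.url %></h3>
+<h3><%= link_to h(folder.title), folder.url %></h3>
 <ul>
 <% folder.news(environment.news_amount_by_folder).each do |news| %>
-<li> <%= link_to(news.title, news.url) %></li>
+<li> <%= link_to(h(news.title), news.url) %></li>
 <% end%>
 </ul>
 <%= link_to _('View more'), folder.url, :class => 'news-see-more' %>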
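Review bot: The headline paragraph at new line 14 still writes `highlighted.abstract` / `highlighted.first_paragraph` into the page unescaped, so an injection point remains next to the titles this commit wraps in `h()`. If those fields are author-supplied and meant to carry markup, pass them through an allow-list filter, e.g. `<%= sanitize(!highlighted.abstract.blank? ? highlighted.abstract : highlighted.first_paragraph) %>`. If they are plain text, use `h(...)` as done for the titles. Whether they are already sanitized when saved is not visible on this page, so confirm that before relying on it. A view test that renders a title and an abstract containing `<b>` and asserts the escaped output would keep these call sites from regressing.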