From d9254d1fbb904e9b58db4e379d962fe0e05e7468 Mon Sep 17 00:00:00 2001 From: Antonio Terceiro Date: Thu, 2 Sep 2010 12:31:40 -0300 Subject: [PATCH] Escape every title in the home page --- app/views/home/index.rhtml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/app/views/home/index.rhtml b/app/views/home/index.rhtml index 61239ee..bceaff2 100644 --- a/app/views/home/index.rhtml +++ b/app/views/home/index.rhtml @@ -9,7 +9,7 @@ <% @highlighted_news.each_with_index do |highlighted, index| %>
-

<%= link_to(highlighted.title, highlighted.url, :class => 'post-title') %>

+

<%= link_to(h(highlighted.title), highlighted.url, :class => 'post-title') %>

<%= !highlighted.abstract.blank? ? highlighted.abstract : highlighted.first_paragraph %>

@@ -28,7 +28,7 @@ <% @portal_news.each do |news| %>

  • - <%= link_to(news.title, news.url, :class => 'post-title' ) %> + <%= link_to(h(news.title), news.url, :class => 'post-title' ) %>
  • <% end %> @@ -40,10 +40,10 @@ <% content_tag(:div, :class => ["news-area", ['even', 'odd'][i%2]].join(' ')) do %> <% content_tag(:div, :class => 'news-area-inner-1') do %> <% content_tag(:div, :class => 'news-area-inner-2') do %> -

    <%= link_to folder.title, folder.url %>

    +

    <%= link_to h(folder.title), folder.url %>

      <% folder.news(environment.news_amount_by_folder).each do |news| %> -
    • <%= link_to(news.title, news.url) %>
    • +
    • <%= link_to(h(news.title), news.url) %>
    • <% end%>
    <%= link_to _('View more'), folder.url, :class => 'news-see-more' %> -- libgit2 0.21.2