[Git][noosfero/noosfero][master] should not escape notification message in admin notification plugin

Leandro Nunes gitlab at mg.gitlab.com
Fri May 13 22:30:18 BRT 2016 

Leandro Nunes pushed to branch master at Noosfero / noosfero


Commits:
fa17838c by Leandro Nunes dos Santos at 2016-05-13T22:29:43-03:00
should not escape notification message in admin notification plugin

- - - - -


2 changed files:

- plugins/admin_notifications/views/admin_notifications_plugin_public/notifications_with_popup.html.erb
- plugins/admin_notifications/views/shared/_notifications_list.html.erb


Changes:

=====================================
plugins/admin_notifications/views/admin_notifications_plugin_public/notifications_with_popup.html.erb
=====================================
--- a/plugins/admin_notifications/views/admin_notifications_plugin_public/notifications_with_popup.html.erb
+++ b/plugins/admin_notifications/views/admin_notifications_plugin_public/notifications_with_popup.html.erb
@@ -9,12 +9,12 @@
         </div>
       </div>
       <div class="notification-message notification-with-title-message">
-        <%= AdminNotificationsPlugin::NotificationHelper.substitute_variables(notification.message, current_user) %>
+        <%= AdminNotificationsPlugin::NotificationHelper.substitute_variables(notification.message, current_user).html_safe %>
       </div>
     <% else %>
       <div class="<%= notification.type.gsub("AdminNotificationsPlugin::", "").downcase %> notification notification-without-title" data-notification="<%=notification.id%>">
         <div class="notification-message">
-          <%= AdminNotificationsPlugin::NotificationHelper.substitute_variables(notification.message, current_user) %>
+          <%= AdminNotificationsPlugin::NotificationHelper.substitute_variables(notification.message, current_user).html_safe %>
         </div>
       </div>
     <% end %>


=====================================
plugins/admin_notifications/views/shared/_notifications_list.html.erb
=====================================
--- a/plugins/admin_notifications/views/shared/_notifications_list.html.erb
+++ b/plugins/admin_notifications/views/shared/_notifications_list.html.erb
@@ -23,7 +23,7 @@
   <% @notifications.each do |notification| %>
     <div class="notification-line">
       <div class="notification-message">
-        <%= truncate(notification.message, length: 50) %>
+        <%= truncate(notification.message.html_safe, length: 50) %>
       </div>
       <div class="notification-action">
         <% if notification.active? %>



View it on GitLab: https://gitlab.com/noosfero/noosfero/commit/fa17838ce0f90b37e134b80762b47567251449c5
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20160514/c217095a/attachment-0001.html>

More information about the Noosfero-dev mailing list