[Git][noosfero/noosfero][master] should not escape notification message in admin notification plugin
Leandro Nunes
gitlab at mg.gitlab.com
Fri May 13 22:30:18 BRT 2016
Leandro Nunes pushed to branch master at Noosfero / noosfero
Commits:
fa17838c by Leandro Nunes dos Santos at 2016-05-13T22:29:43-03:00
should not escape notification message in admin notification plugin
- - - - -
2 changed files:
- plugins/admin_notifications/views/admin_notifications_plugin_public/notifications_with_popup.html.erb
- plugins/admin_notifications/views/shared/_notifications_list.html.erb
Changes:
=====================================
plugins/admin_notifications/views/admin_notifications_plugin_public/notifications_with_popup.html.erb
=====================================
--- a/plugins/admin_notifications/views/admin_notifications_plugin_public/notifications_with_popup.html.erb
+++ b/plugins/admin_notifications/views/admin_notifications_plugin_public/notifications_with_popup.html.erb
@@ -9,12 +9,12 @@
</div>
</div>
<div class="notification-message notification-with-title-message">
- <%= AdminNotificationsPlugin::NotificationHelper.substitute_variables(notification.message, current_user) %>
+ <%= AdminNotificationsPlugin::NotificationHelper.substitute_variables(notification.message, current_user).html_safe %>
</div>
<% else %>
<div class="<%= notification.type.gsub("AdminNotificationsPlugin::", "").downcase %> notification notification-without-title" data-notification="<%=notification.id%>">
<div class="notification-message">
- <%= AdminNotificationsPlugin::NotificationHelper.substitute_variables(notification.message, current_user) %>
+ <%= AdminNotificationsPlugin::NotificationHelper.substitute_variables(notification.message, current_user).html_safe %>
</div>
</div>
<% end %>
=====================================
plugins/admin_notifications/views/shared/_notifications_list.html.erb
=====================================
--- a/plugins/admin_notifications/views/shared/_notifications_list.html.erb
+++ b/plugins/admin_notifications/views/shared/_notifications_list.html.erb
@@ -23,7 +23,7 @@
<% @notifications.each do |notification| %>
<div class="notification-line">
<div class="notification-message">
- <%= truncate(notification.message, length: 50) %>
+ <%= truncate(notification.message.html_safe, length: 50) %>
</div>
<div class="notification-action">
<% if notification.active? %>
View it on GitLab: https://gitlab.com/noosfero/noosfero/commit/fa17838ce0f90b37e134b80762b47567251449c5
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20160514/c217095a/attachment-0001.html>
More information about the Noosfero-dev
mailing list