[Git][noosfero/noosfero][master] should not escape activity information in wall
Leandro Nunes
gitlab at mg.gitlab.com
Wed May 18 12:40:56 BRT 2016
Leandro Nunes pushed to branch master at Noosfero / noosfero
Commits:
585fee1b by Leandro Nunes dos Santos at 2016-05-18T12:40:04-03:00
should not escape activity information in wall
- - - - -
1 changed file:
- app/views/profile/_upload_image.html.erb
Changes:
=====================================
app/views/profile/_upload_image.html.erb
=====================================
--- a/app/views/profile/_upload_image.html.erb
+++ b/app/views/profile/_upload_image.html.erb
@@ -3,7 +3,7 @@
<%= link_to(profile_image(activity.user, :minor), activity.user.url) %>
</div>
<div class='profile-activity-description'>
- <p class='profile-activity-text'><%= link_to activity.user.name, activity.user.url %> <%= describe activity %></p>
+ <p class='profile-activity-text'><%= link_to activity.user.name, activity.user.url %> <%= describe(activity).html_safe %></p>
<p class='profile-activity-time'><%= time_ago_in_words(activity.created_at) %></p>
<div class='profile-wall-actions'>
<%= link_to_function(_('Remove'), 'remove_item_wall(this, \'%s\', \'%s\', \'%s\'); return false ;' % [".profile-activity-item", url_for(:profile => params[:profile], :action => :remove_activity, :activity_id => activity.id, :view => params[:view]), _('Are you sure you want to remove this activity and all its replies?')]) if logged_in? && current_person == @profile %>
View it on GitLab: https://gitlab.com/noosfero/noosfero/commit/585fee1bea6efd3715647101fc71776cb3d25d3f
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20160518/618eaa75/attachment-0001.html>
More information about the Noosfero-dev
mailing list