[Git][noosfero/noosfero][master] 2 commits: Fix html escape in forum visualization
Leandro Nunes
gitlab at mg.gitlab.com
Fri Nov 4 12:58:44 BRST 2016
Leandro Nunes pushed to branch master at Noosfero / noosfero
Commits:
5f77c31d by Victor Costa at 2016-11-04T08:59:05-03:00
Fix html escape in forum visualization
- - - - -
575bc84b by Leandro Nunes at 2016-11-04T14:56:39+00:00
Merge branch 'fix-forum-escape' into 'master'
Fix html escape in forum visualization
See merge request !1041
- - - - -
2 changed files:
- app/helpers/forum_helper.rb
- test/unit/forum_helper_test.rb
Changes:
=====================================
app/helpers/forum_helper.rb
=====================================
--- a/app/helpers/forum_helper.rb
+++ b/app/helpers/forum_helper.rb
@@ -41,7 +41,7 @@ module ForumHelper
def last_topic_update(article)
info = article.info_from_last_update
if info[:author_url]
- time_ago_in_words(info[:date]) + ' ' + _('by') + ' ' + link_to(info[:author_name], info[:author_url])
+ (time_ago_in_words(info[:date]) + ' ' + _('by') + ' ' + link_to(info[:author_name], info[:author_url])).html_safe
else
time_ago_in_words(info[:date]) + ' ' + _('by') + ' ' + info[:author_name]
end
=====================================
test/unit/forum_helper_test.rb
=====================================
--- a/test/unit/forum_helper_test.rb
+++ b/test/unit/forum_helper_test.rb
@@ -73,6 +73,13 @@ class ForumHelperTest < ActionView::TestCase
assert_match(/#{result} by John/m, last_topic_update(some_post))
end
+ should "not escape html in last topic update" do
+ person = create_user('john').person
+ some_post = create(TextArticle, name: 'First post', profile: profile, parent: forum, published: true)
+ some_post.comments << build(Comment, author: person, title: 'test', body: 'test')
+ assert_tag_in_string list_forum_posts(forum.posts), tag: 'a', content: 'john'
+ end
+
protected
include NoosferoTestHelper
View it on GitLab: https://gitlab.com/noosfero/noosfero/compare/b75d93a092f3d5b2eca67922f9af17b6f6d726fd...575bc84b483feaa06a63bc5ad493c10aaafdb6c3
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20161104/e3750bab/attachment-0001.html>
More information about the Noosfero-dev
mailing list