[Git][noosfero/noosfero][master] should not escape html of api documentation and not found page's
Leandro Nunes
gitlab at mg.gitlab.com
Fri Sep 2 09:23:30 BRT 2016
Leandro Nunes pushed to branch master at Noosfero / noosfero
Commits:
1217394d by Leandro Nunes dos Santos at 2016-09-02T09:21:23-03:00
should not escape html of api documentation and not found page's
- - - - -
2 changed files:
- app/views/api/index.html.erb
- app/views/shared/not_found.html.erb
Changes:
=====================================
app/views/api/index.html.erb
=====================================
--- a/app/views/api/index.html.erb
+++ b/app/views/api/index.html.erb
@@ -1,20 +1,20 @@
<h1>EndPoints</h1>
<div style="float: right">
- <%= s_('api-playground|Try the %s') % link_to('API Playground', {:controller => 'api', :action => 'playground'}) %>
+ <%= s_('api-playground|Try the %s').html_safe % link_to('API Playground', {:controller => 'api', :action => 'playground'}) %>
</div>
<%= endpoints.map do |endpoint|
app = endpoint.options[:app].to_s
unless app.blank?
- content_tag(:h2, app.split('::').last.to_s, title: app) +
+ content_tag(:h2, app.split('::').last.to_s, title: app).html_safe +
(content_tag :ul do
endpoint.routes.map do |route|
content_tag :li do
content_tag(:strong, route.route_method) + ' ' +
- route.route_path.gsub(':version', content_tag(:b, route.route_version))
+ route.route_path.gsub(':version', content_tag(:b, route.route_version)).html_safe
end
- end.join "\n"
+ end.safe_join "\n"
end)
end
-end.join "\n" %>
+end.safe_join "\n" %>
=====================================
app/views/shared/not_found.html.erb
=====================================
--- a/app/views/shared/not_found.html.erb
+++ b/app/views/shared/not_found.html.erb
@@ -1,5 +1,5 @@
<div id='not-found'>
- <h1><%= _('There is no such page: %s') % (content_tag('tt', @path)) %></h1>
+ <h1><%= _('There is no such page: %s').html_safe % (content_tag('tt', @path)) %></h1>
<p>
<%= _('You may have clicked an expired link or mistyped the address.') %>
<%= _('If you clicked a link that was in another site, or was given to you by someone else, it would be nice if you tell them that their link is not valid anymore.') %>
View it on GitLab: https://gitlab.com/noosfero/noosfero/commit/1217394deeb7b9acb7d4d1bf3ec84745191a0246
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20160902/859b26e9/attachment-0001.html>
More information about the Noosfero-dev
mailing list