[Git][noosfero/noosfero][master] should not escape html of api documentation and not found page's

Leandro Nunes gitlab at mg.gitlab.com
Fri Sep 2 09:23:30 BRT 2016 

Leandro Nunes pushed to branch master at Noosfero / noosfero


Commits:
1217394d by Leandro Nunes dos Santos at 2016-09-02T09:21:23-03:00
should not escape html of api documentation and not found page's

- - - - -


2 changed files:

- app/views/api/index.html.erb
- app/views/shared/not_found.html.erb


Changes:

=====================================
app/views/api/index.html.erb
=====================================
--- a/app/views/api/index.html.erb
+++ b/app/views/api/index.html.erb
@@ -1,20 +1,20 @@
 <h1>EndPoints</h1>
 
 <div style="float: right">
-  <%= s_('api-playground|Try the %s') % link_to('API Playground', {:controller => 'api', :action => 'playground'}) %>
+  <%= s_('api-playground|Try the %s').html_safe % link_to('API Playground', {:controller => 'api', :action => 'playground'}) %>
 </div>
 
 <%= endpoints.map do |endpoint|
   app = endpoint.options[:app].to_s
   unless app.blank?
-    content_tag(:h2, app.split('::').last.to_s, title: app) +
+    content_tag(:h2, app.split('::').last.to_s, title: app).html_safe +
     (content_tag :ul do
       endpoint.routes.map do |route|
         content_tag :li do
           content_tag(:strong, route.route_method) + ' ' +
-          route.route_path.gsub(':version', content_tag(:b, route.route_version))
+          route.route_path.gsub(':version', content_tag(:b, route.route_version)).html_safe
         end
-      end.join "\n"
+      end.safe_join "\n"
     end)
   end
-end.join "\n" %>
+end.safe_join "\n" %>


=====================================
app/views/shared/not_found.html.erb
=====================================
--- a/app/views/shared/not_found.html.erb
+++ b/app/views/shared/not_found.html.erb
@@ -1,5 +1,5 @@
 <div id='not-found'>
-    <h1><%= _('There is no such page: %s') % (content_tag('tt', @path)) %></h1>
+    <h1><%= _('There is no such page: %s').html_safe % (content_tag('tt', @path)) %></h1>
     <p>
     <%= _('You may have clicked an expired link or mistyped the address.') %>
     <%= _('If you clicked a link that was in another site, or was given to you by someone else, it would be nice if you tell them that their link is not valid anymore.') %>



View it on GitLab: https://gitlab.com/noosfero/noosfero/commit/1217394deeb7b9acb7d4d1bf3ec84745191a0246
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20160902/859b26e9/attachment-0001.html>

More information about the Noosfero-dev mailing list