[Git][noosfero/noosfero][master] 2 commits: Fixes HTML safe problems

[Rodrigo Souto]

Rodrigo Souto pushed to branch master at Noosfero / noosfero


Commits:
b803b091 by Gabriel Silva at 2017-01-19T16:11:49+00:00
Fixes HTML safe problems

- Abuse complaints content
- Registration intro text
- Versioned article body

Signed-off-by: Gabriel Silva <gabriel93.silva at gmail.com>

- - - - -
eec32150 by Rodrigo Souto at 2017-01-23T18:06:30+00:00
Merge branch 'html_safe' into 'master'

Fixes HTML safe problems

Closes #233

See merge request !1090
- - - - -


3 changed files:

- app/views/account/signup.html.erb
- app/views/content_viewer/versioned_article.html.erb
- app/views/tasks/_abuse_complaint_accept_details.html.erb


Changes:

=====================================
app/views/account/signup.html.erb
=====================================
--- a/app/views/account/signup.html.erb
+++ b/app/views/account/signup.html.erb
@@ -1,7 +1,7 @@
 <h1><%= _('Sign up for %s!') % environment.name %></h1>
 
 <div id='signup-intro'>
-  <%= environment.signup_intro %>
+  <%= environment.signup_intro.try(:html_safe) %>
 </div>
 
 <%= render :partial => 'signup_form' %>


=====================================
app/views/content_viewer/versioned_article.html.erb
=====================================
--- a/app/views/content_viewer/versioned_article.html.erb
+++ b/app/views/content_viewer/versioned_article.html.erb
@@ -41,7 +41,7 @@
 
   <% cache(@page.cache_key(params, user, language)) do %>
     <div class="<%="article-body article-body-" + @page.css_class_name %>">
-      <%= @versioned_article.body %>
+      <%= @versioned_article.body.html_safe %>
       <br style="clear:both" />
     </div> <!-- end class="article-body" -->
   <% end %>


=====================================
app/views/tasks/_abuse_complaint_accept_details.html.erb
=====================================
--- a/app/views/tasks/_abuse_complaint_accept_details.html.erb
+++ b/app/views/tasks/_abuse_complaint_accept_details.html.erb
@@ -6,7 +6,7 @@
     <% if !abuse_report.content.blank? %>
       <button class="display-abuse-report-details" data-report="<%=abuse_report.id%>"><%=_('View details')%></button>
       <div style='display: none' id=<%= 'abuse-report-details-'+abuse_report.id.to_s %> class="abuse-report-details">
-        <%= abuse_report.content %>
+        <%= abuse_report.content.html_safe %>
       </div>
     <% end %>
     <br />



View it on GitLab: https://gitlab.com/noosfero/noosfero/compare/1ad52d88361829c62b0294f86f308d9bbe2ce167...eec321500c672641f8150e373962c1e7aeb50d39
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20170123/2b17118d/attachment-0001.html>