root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Use only escaped auto_link 

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
This commit is contained in:
Dmitriy Zaporozhets 2014-10-06 15:15:39 +03:00
parent 90c96d1dc0
commit 299114948b
No known key found for this signature in database
GPG Key ID: 161B5D6A44D3D88A
3 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/helpers/application_helper.rb
View File

@ -259,4 +259,8 @@ module ApplicationHelper
super
end
def escaped_autolink(text)
auto_link ERB::Util.html_escape(text), link: :urls
end
end

2
app/views/groups/show.html.haml
View File

@ -24,7 +24,7 @@
= @group.name
- if @group.description.present?
%p
= auto_link @group.description, link: :urls
= escaped_autolink(@group.description)
= render "projects", projects: @projects
- if current_user
.prepend-top-20

2
app/views/projects/_home_panel.html.haml
View File

@ -3,7 +3,7 @@
.project-home-row
.project-home-desc
- if @project.description.present?
= auto_link ERB::Util.html_escape(@project.description), link: :urls
= escaped_autolink(@project.description)
- if can?(current_user, :admin_project, @project)
&ndash;
= link_to 'Edit', edit_project_path