Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
29911494
Commit
29911494
authored
Oct 06, 2014
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Use only escaped auto_link
Signed-off-by:
Dmitriy Zaporozhets
<
dmitriy.zaporozhets@gmail.com
>
parent
90c96d1d
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
6 additions
and
2 deletions
+6
-2
app/helpers/application_helper.rb
app/helpers/application_helper.rb
+4
-0
app/views/groups/show.html.haml
app/views/groups/show.html.haml
+1
-1
app/views/projects/_home_panel.html.haml
app/views/projects/_home_panel.html.haml
+1
-1
No files found.
app/helpers/application_helper.rb
View file @
29911494
...
@@ -259,4 +259,8 @@ module ApplicationHelper
...
@@ -259,4 +259,8 @@ module ApplicationHelper
super
super
end
end
def
escaped_autolink
(
text
)
auto_link
ERB
::
Util
.
html_escape
(
text
),
link: :urls
end
end
end
app/views/groups/show.html.haml
View file @
29911494
...
@@ -24,7 +24,7 @@
...
@@ -24,7 +24,7 @@
=
@group
.
name
=
@group
.
name
-
if
@group
.
description
.
present?
-
if
@group
.
description
.
present?
%p
%p
=
auto_link
@group
.
description
,
link: :urls
=
escaped_autolink
(
@group
.
description
)
=
render
"projects"
,
projects:
@projects
=
render
"projects"
,
projects:
@projects
-
if
current_user
-
if
current_user
.prepend-top-20
.prepend-top-20
...
...
app/views/projects/_home_panel.html.haml
View file @
29911494
...
@@ -3,7 +3,7 @@
...
@@ -3,7 +3,7 @@
.project-home-row
.project-home-row
.project-home-desc
.project-home-desc
-
if
@project
.
description
.
present?
-
if
@project
.
description
.
present?
=
auto_link
ERB
::
Util
.
html_escape
(
@project
.
description
),
link: :urls
=
escaped_autolink
(
@project
.
description
)
-
if
can?
(
current_user
,
:admin_project
,
@project
)
-
if
can?
(
current_user
,
:admin_project
,
@project
)
–
–
=
link_to
'Edit'
,
edit_project_path
=
link_to
'Edit'
,
edit_project_path
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment