Commit 1218a5e6 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Add html_escape to project description. auto_link set description to html_safe...

Add html_escape to project description. auto_link set description to html_safe but! dont escape html :(.
Signed-off-by: default avatarDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
parent a019b49a
...@@ -17,7 +17,7 @@ ...@@ -17,7 +17,7 @@
.col-md-7 .col-md-7
.project-home-desc .project-home-desc
- if @project.description.present? - if @project.description.present?
= auto_link @project.description, link: :urls = auto_link ERB::Util.html_escape(@project.description), link: :urls
- if can?(current_user, :admin_project, @project) - if can?(current_user, :admin_project, @project)
&ndash; &ndash;
%strong= link_to 'Edit', edit_project_path %strong= link_to 'Edit', edit_project_path
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment