Use CGI.unescapeHTML rather than doing the gsub with a map

5d11cf2e · Douglas Barbosa Alexandre · d6b60e83 · 5d11cf2e · 5d11cf2e
Commit 5d11cf2e authored Jun 29, 2016 by Douglas Barbosa Alexandre
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 12 deletions

app/models/label.rb app/models/label.rb +1 -11

lib/banzai/filter/label_reference_filter.rb lib/banzai/filter/label_reference_filter.rb +1 -1

No files found.
--- a/app/models/label.rb
+++ b/app/models/label.rb
@@ -10,12 +10,6 @@ class Label < ActiveRecord::Base

  DEFAULT_COLOR = '#428BCA'

-  TABLE_FOR_ESCAPE_HTML_ENTITIES = {
-    '&' => '&amp;',
-    '<' => '&lt;',
-    '>' => '&gt;'
-  }
-
  default_value_for :color, DEFAULT_COLOR

  belongs_to :project
@@ -140,10 +134,6 @@ class Label < ActiveRecord::Base
  end

  def sanitize_title(value)
-    unescape_html_entities(Sanitize.clean(value.to_s))
-  end
-
-  def unescape_html_entities(value)
-    value.to_s.gsub(/(&gt;)|(&lt;)|(&amp;)/, TABLE_FOR_ESCAPE_HTML_ENTITIES.invert)
+    CGI.unescapeHTML(Sanitize.clean(value.to_s))
  end
 end
--- a/lib/banzai/filter/label_reference_filter.rb
+++ b/lib/banzai/filter/label_reference_filter.rb
@@ -68,7 +68,7 @@ module Banzai
      end

      def unescape_html_entities(text)
-        text.to_s.gsub(/(&gt;)|(&lt;)|(&amp;)/, Label::TABLE_FOR_ESCAPE_HTML_ENTITIES.invert)
+        CGI.unescapeHTML(text.to_s)
      end
    end
  end