Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
32543f3b
Commit
32543f3b
authored
Dec 24, 2015
by
Douwe Maan
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
More escaping!
parent
0ca74f7a
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
5 additions
and
5 deletions
+5
-5
lib/banzai/filter/abstract_reference_filter.rb
lib/banzai/filter/abstract_reference_filter.rb
+4
-4
lib/banzai/filter/reference_filter.rb
lib/banzai/filter/reference_filter.rb
+1
-1
No files found.
lib/banzai/filter/abstract_reference_filter.rb
View file @
32543f3b
...
@@ -102,7 +102,7 @@ module Banzai
...
@@ -102,7 +102,7 @@ module Banzai
project
=
project_from_ref
(
project_ref
)
project
=
project_from_ref
(
project_ref
)
if
project
&&
object
=
find_object
(
project
,
id
)
if
project
&&
object
=
find_object
(
project
,
id
)
title
=
escape_once
(
object_link_title
(
object
)
)
title
=
object_link_title
(
object
)
klass
=
reference_class
(
object_sym
)
klass
=
reference_class
(
object_sym
)
data
=
data_attribute
(
data
=
data_attribute
(
...
@@ -114,11 +114,11 @@ module Banzai
...
@@ -114,11 +114,11 @@ module Banzai
url
=
matches
[
:url
]
if
matches
.
names
.
include?
(
"url"
)
url
=
matches
[
:url
]
if
matches
.
names
.
include?
(
"url"
)
url
||=
url_for_object
(
object
,
project
)
url
||=
url_for_object
(
object
,
project
)
text
=
link_text
||
escape_once
(
object_link_text
(
object
,
matches
)
)
text
=
link_text
||
object_link_text
(
object
,
matches
)
%(<a href="#{url}" #{data}
%(<a href="#{url}" #{data}
title="#{
title
}"
title="#{
escape_once(title)
}"
class="#{klass}">#{
text
}</a>)
class="#{klass}">#{
escape_once(text)
}</a>)
else
else
match
match
end
end
...
...
lib/banzai/filter/reference_filter.rb
View file @
32543f3b
...
@@ -44,7 +44,7 @@ module Banzai
...
@@ -44,7 +44,7 @@ module Banzai
# Returns a String
# Returns a String
def
data_attribute
(
attributes
=
{})
def
data_attribute
(
attributes
=
{})
attributes
[
:reference_filter
]
=
self
.
class
.
name
.
demodulize
attributes
[
:reference_filter
]
=
self
.
class
.
name
.
demodulize
attributes
.
map
{
|
key
,
value
|
%Q(data-
#{
key
.
to_s
.
dasherize
}
="
#{
value
}
")
}.
join
(
" "
)
attributes
.
map
{
|
key
,
value
|
%Q(data-
#{
key
.
to_s
.
dasherize
}
="
#{
escape_once
(
value
)
}
")
}.
join
(
" "
)
end
end
def
escape_once
(
html
)
def
escape_once
(
html
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment