Commit cc46a0d4 authored by Sean McGivern's avatar Sean McGivern

Merge branch 'fix-escaping' into 'master'

fix: commit messages being double-escaped in activities tab

See merge request !6937
parents 12f649fe 9c8c5e9d
...@@ -122,6 +122,7 @@ Please view this file on the master branch, on stable branches it's out of date. ...@@ -122,6 +122,7 @@ Please view this file on the master branch, on stable branches it's out of date.
- Cleanup Ci::ApplicationController. !6757 (Takuya Noguchi) - Cleanup Ci::ApplicationController. !6757 (Takuya Noguchi)
- Fixes padding in all clipboard icons that have .btn class - Fixes padding in all clipboard icons that have .btn class
- Fix a typo in doc/api/labels.md - Fix a typo in doc/api/labels.md
- Fix double-escaping in activities tab (Alexandre Maia)
- API: all unknown routing will be handled with 404 Not Found - API: all unknown routing will be handled with 404 Not Found
- Add docs for request profiling - Add docs for request profiling
- Delete dynamic environments - Delete dynamic environments
......
...@@ -5,7 +5,7 @@ module Banzai ...@@ -5,7 +5,7 @@ module Banzai
# Text filter that escapes these HTML entities: & " < > # Text filter that escapes these HTML entities: & " < >
class HtmlEntityFilter < HTML::Pipeline::TextFilter class HtmlEntityFilter < HTML::Pipeline::TextFilter
def call def call
ERB::Util.html_escape(text) ERB::Util.html_escape_once(text)
end end
end end
end end
......
...@@ -11,4 +11,9 @@ describe Banzai::Filter::HtmlEntityFilter, lib: true do ...@@ -11,4 +11,9 @@ describe Banzai::Filter::HtmlEntityFilter, lib: true do
expect(output).to eq(escaped) expect(output).to eq(escaped)
end end
it 'does not double-escape' do
escaped = ERB::Util.html_escape("Merge branch 'blabla' into 'master'")
expect(filter(escaped)).to eq(escaped)
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment