Use CGI.unescapeHTML rather than doing the gsub with a map
This commit is contained in:
parent
d6b60e83ed
commit
5d11cf2e98
|
@ -10,12 +10,6 @@ class Label < ActiveRecord::Base
|
|||
|
||||
DEFAULT_COLOR = '#428BCA'
|
||||
|
||||
TABLE_FOR_ESCAPE_HTML_ENTITIES = {
|
||||
'&' => '&',
|
||||
'<' => '<',
|
||||
'>' => '>'
|
||||
}
|
||||
|
||||
default_value_for :color, DEFAULT_COLOR
|
||||
|
||||
belongs_to :project
|
||||
|
@ -140,10 +134,6 @@ class Label < ActiveRecord::Base
|
|||
end
|
||||
|
||||
def sanitize_title(value)
|
||||
unescape_html_entities(Sanitize.clean(value.to_s))
|
||||
end
|
||||
|
||||
def unescape_html_entities(value)
|
||||
value.to_s.gsub(/(>)|(<)|(&)/, TABLE_FOR_ESCAPE_HTML_ENTITIES.invert)
|
||||
CGI.unescapeHTML(Sanitize.clean(value.to_s))
|
||||
end
|
||||
end
|
||||
|
|
|
@ -68,7 +68,7 @@ module Banzai
|
|||
end
|
||||
|
||||
def unescape_html_entities(text)
|
||||
text.to_s.gsub(/(>)|(<)|(&)/, Label::TABLE_FOR_ESCAPE_HTML_ENTITIES.invert)
|
||||
CGI.unescapeHTML(text.to_s)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue