fix: commit messages being double-escaped in activies tab

This commit is contained in:
amaia 2016-10-17 05:53:12 -07:00
parent c9d7ba4d69
commit 9c8c5e9dc0
3 changed files with 7 additions and 1 deletions

View file

@ -119,6 +119,7 @@ Please view this file on the master branch, on stable branches it's out of date.
- Cleanup Ci::ApplicationController. !6757 (Takuya Noguchi)
- Fixes padding in all clipboard icons that have .btn class
- Fix a typo in doc/api/labels.md
- Fix double-escaping in activities tab (Alexandre Maia)
- API: all unknown routing will be handled with 404 Not Found
- Add docs for request profiling
- Make guests unable to view MRs on private projects

View file

@ -5,7 +5,7 @@ module Banzai
# Text filter that escapes these HTML entities: & " < >
class HtmlEntityFilter < HTML::Pipeline::TextFilter
def call
ERB::Util.html_escape(text)
ERB::Util.html_escape_once(text)
end
end
end

View file

@ -11,4 +11,9 @@ describe Banzai::Filter::HtmlEntityFilter, lib: true do
expect(output).to eq(escaped)
end
it 'does not double-escape' do
escaped = ERB::Util.html_escape("Merge branch 'blabla' into 'master'")
expect(filter(escaped)).to eq(escaped)
end
end