Commentaires: avoid xss injection
This commit is contained in:
parent
2e03f77e4d
commit
35affd69fc
1 changed files with 1 additions and 1 deletions
|
@ -2,7 +2,7 @@
|
|||
.comment-header
|
||||
= commentaire.header
|
||||
.content
|
||||
= commentaire.body.html_safe
|
||||
= sanitize(commentaire.body)
|
||||
- if file = commentaire.piece_justificative
|
||||
.file
|
||||
= link_to file.content_url, class: 'link', target: '_blank' do
|
||||
|
|
Loading…
Reference in a new issue