[Fix #592] Convert html_safe to sanitize

Simon Lehericey 2017-07-12 18:17:53 +02:00
parent da7af28f9f
commit 4ae9d8ef0d
12 changed files with 17 additions and 15 deletions


@ -1,4 +1,4 @@
<% flash.each do |type, message| %>
$("#flash_message").html("<div class=\"alert alert-success move-up\" style=\"display: block:\"> <%= message.html_safe %></div>").children().fadeOut(5000)
$("#flash_message").html("<div class=\"alert alert-success move-up\" style=\"display: block:\"> <%= sanitize(message) %></div>").children().fadeOut(5000)
<% end %>
<% flash.clear %>
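Review bot: On the new `sanitize(message)` line the value is interpolated inside a double-quoted JavaScript string, and `sanitize` only filters HTML; it does not escape quotes, backslashes or newlines for the JavaScript context. A flash message containing any of those characters would end the string literal early, which at best breaks the response script and at worst lets message content run as script if any part of it is user-influenced. Wrapping the output for both contexts closes this: `<%= j sanitize(message) %>`. The file path is not shown on this page, so this assumes the template is rendered as a JavaScript response, which the jQuery call suggests. The same check is worth applying to the other files in this commit that emit flash text into script.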