Avoid various uses of html_safe

We can avoid using `html_safe` in various circumstances, through alternative approaches like i18n keys ending in `_html` or using `safe_join` to avoid converting via unsafe string types. The `_html` keys approach only work for ActionView helper version of `t`, not the base `I18n.t` method.
2020-10-21 14:12:14 +02:00 · 2020-10-21 14:12:14 +02:00 · 2559226be3
commit 2559226be3
parent bb2ffab9ec
6 changed files with 28 additions and 28 deletions
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -344,7 +344,7 @@ class UsersController < ApplicationController
      flash[:error] = t "users.confirm_resend.failure", :name => params[:display_name]
    else
      UserMailer.signup_confirm(user, user.tokens.create).deliver_later
-      flash[:notice] = t("users.confirm_resend.success", :email => user.email, :sender => Settings.support_email).html_safe
+      flash[:notice] = t "users.confirm_resend.success_html", :email => user.email, :sender => Settings.support_email
    end

    redirect_to :action => "login"