cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Avoid various uses of html_safe

Browse source 
We can avoid using `html_safe` in various circumstances, through alternative approaches like i18n keys ending in `_html` or using `safe_join` to avoid converting via unsafe string types.

The `_html` keys approach only work for ActionView helper version of `t`, not the base `I18n.t` method.
This commit is contained in:
Andy Allan 2020-10-21 14:12:14 +02:00
parent bb2ffab9ec
commit 2559226be3
6 changed files with 28 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

8
app/views/browse/changeset.html.erb
View file

@ -37,10 +37,10 @@
<% if comment.visible %>
<li id="c<%= comment.id %>">
<small class='text-muted'>
<%= t(".commented_by",
<%= t(".commented_by_html",
:when => friendly_date_ago(comment.created_at),
:exact_time => l(comment.created_at),
:user => link_to(comment.author.display_name, user_path(comment.author))).html_safe %>
:user => link_to(comment.author.display_name, user_path(comment.author))) %>
<% if current_user and current_user.moderator? %>
— <span class="action-button deemphasize" data-comment-id="<%= comment.id %>" data-method="POST" data-url="<%= changeset_comment_hide_url(comment.id) %>"><%= t("javascripts.changesets.show.hide_comment") %></span>
<% end %>
@ -50,10 +50,10 @@
<% elsif current_user and current_user.moderator? %>
<li id="c<%= comment.id %>">
<small class='text-muted'>
<%= t(".hidden_commented_by",
<%= t(".hidden_commented_by_html",
:when => friendly_date_ago(comment.created_at),
:exact_time => l(comment.created_at),
:user => link_to(comment.author.display_name, user_path(comment.author))).html_safe %>
:user => link_to(comment.author.display_name, user_path(comment.author))) %>
— <span class="action-button deemphasize" data-comment-id="<%= comment.id %>" data-method="POST" data-url="<%= changeset_comment_unhide_url(comment.id) %>"><%= t("javascripts.changesets.show.unhide_comment") %></span>
</small>
<%= comment.body.to_html %>