Use _html suffix to avoid using raw when displaying translated strings

This is safer than raw, since any user input is still escaped.
2020-01-02 17:43:34 +01:00 · 2020-01-02 17:43:34 +01:00 · 5aa255e13f
commit 5aa255e13f
parent 8dba8cd4a0
7 changed files with 21 additions and 20 deletions
--- a/app/views/browse/history.html.erb
+++ b/app/views/browse/history.html.erb
@ -2,7 +2,7 @@

 <h2>
  <a class="geolink" href="<%= root_path %>"><span class="icon close"></span></a>
-  <%= raw t("browse.#{@type}.history_title", :name => printable_name(@feature)) %>
+  <%= t("browse.#{@type}.history_title_html", :name => printable_name(@feature)) %>
 </h2>

 <%= render :partial => @type, :collection => @feature.send("old_#{@type}s").reverse %>