From 1882509a0beea16031928c569890b73c2d98dafe Mon Sep 17 00:00:00 2001
From: ilya
Date: Tue, 21 Sep 2010 11:59:04 -0700
Subject: [PATCH] removed the auto_link seems to fix HTML injection, no more autolinking
---
 app/views/comments/_comment.html.haml | 2 +-
 app/views/status_messages/_status_message.html.haml | 2 +-
 app/views/status_messages/show.html.haml | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/app/views/comments/_comment.html.haml b/app/views/comments/_comment.html.haml
index 4252d9762..4fd46eb56 100644
--- a/app/views/comments/_comment.html.haml
+++ b/app/views/comments/_comment.html.haml
@@ -7,6 +7,6 @@
 = person_image_tag(post.person)
 %span.from
 = link_to post.person.real_name, post.person
- = auto_link sanitize post.text
+ = post.text
 %div.time
 = "#{time_ago_in_words(post.updated_at)} #{t('.ago')}"
diff --git a/app/views/status_messages/_status_message.html.haml b/app/views/status_messages/_status_message.html.haml
index 396f143a7..dcee761d1 100644
--- a/app/views/status_messages/_status_message.html.haml
+++ b/app/views/status_messages/_status_message.html.haml
@@ -10,7 +10,7 @@
 .content
 %span.from
 = link_to post.person.real_name, post.person
- = auto_link sanitize post.message
+ = post.message
 .info
 %span.time= link_to(how_long_ago(post), object_path(post))
diff --git a/app/views/status_messages/show.html.haml b/app/views/status_messages/show.html.haml
index 251c92a0e..4a701d6a6 100644
--- a/app/views/status_messages/show.html.haml
+++ b/app/views/status_messages/show.html.haml
@@ -5,7 +5,7 @@
 %h1
 = link_to @status_message.person.real_name, @status_message.person
- = auto_link sanitize @status_message.message
+ = @status_message.message
 %h4= "comments (#{@status_message.comments.count})"
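Review bot: The new `= post.text` in `_comment.html.haml` (and likewise `= post.message` and `= @status_message.message` in the two status_messages views) prints user-supplied text with no escaping visible at the call site, so it is only safe if automatic HTML escaping is enabled for these Haml templates, which the diff does not show. I would make the escaping explicit with Haml's escaping operator, e.g. `&= post.text`, so the output stays escaped regardless of the global `escape_html` setting, and add a view test that renders a message containing markup and asserts it comes out escaped. If autolinking is brought back later, the text should be escaped before links are generated and the result marked safe only after that step.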