Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Escape HTML before preventing widows #91

Merged
merged 1 commit into from Feb 4, 2016
Merged

Conversation

@fofr
Copy link
Contributor

@fofr fofr commented Feb 4, 2016

To add a nbsp we need to return an html_safe string, but we shouldn’t assume there’s no unsafe HTML in the text passed through.

  • Strip whitespace, escape the HTML then add the non-breaking space and mark as html_safe.

This addresses @dsingleton's feedback from the already merged #88

cc @jamiecobbett

To add a `nbsp` we need to return an html_safe string, but we shouldn’t
assume there’s no unsafe HTML in the text passed through.

Strip whitespace, escape the HTML then add the non-breaking space and
mark as html_safe.
boffbowsh added a commit that referenced this pull request Feb 4, 2016
Escape HTML before preventing widows
@boffbowsh boffbowsh merged commit 326c2a4 into master Feb 4, 2016
1 check passed
1 check passed
default Build #380 succeeded on Jenkins
Details
@boffbowsh boffbowsh deleted the make-widow-helper-safer branch Feb 4, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants
You can’t perform that action at this time.