Skip to content
Permalink
Browse files Browse the repository at this point in the history
Sanitize comments
  • Loading branch information
brian-kephart committed Oct 12, 2021
1 parent c8fe87c commit 05506e9
Show file tree
Hide file tree
Showing 4 changed files with 7 additions and 7 deletions.
Expand Up @@ -11,10 +11,10 @@
<strong class="<%= (children.present?)? "pull-right" : "" %>"><%= user.the_name %></strong> <small class="text-muted <%= (children.present?)? "" : "pull-right" %>"><%= comment.decorate.the_created_at %></small>
</div>
<div class="panel-body">
<%= raw comment.content %>
<%= comment.content %>
</div><!-- /panel-body -->
</div><!-- /panel panel-default -->
</div><!-- /col-sm-5 -->
</div>
<%= render partial: "partials/comments_list", locals: { comments: comment.children.approveds, children: "present" } if comment.children.present? %>
<% end %>
<% end %>
2 changes: 1 addition & 1 deletion app/helpers/camaleon_cms/comment_helper.rb
Expand Up @@ -25,7 +25,7 @@ def cama_comments_render_html(comments)
</div>
<div class='media-body'>
<h4 class='media-heading'>#{author.the_name} <small>#{comment.the_created_at}</small> <span class='label label-#{labels[comment.approved]} pull-right'>#{t("camaleon_cms.admin.comments.message.#{comment.approved}")}</span></h4>
<div class='comment_content'>#{comment.content}</div>
<div class='comment_content'>#{sanitize comment.content}</div>
<div class='comment_actions'>
<div class='pull-left'>
<a href='#{cama_admin_post_comment_answer_path(@post.id, comment.id)}' data-comment-id='#{comment.id}' title='#{t('camaleon_cms.admin.comments.tooltip.reply_comment')}' class='btn btn-info reply btn-xs ajax_modal'><span class='fa fa-mail-reply'></span></a>
Expand Down
Expand Up @@ -12,10 +12,10 @@
<strong class=""><%= link_to(user.the_name, user.the_url) %></strong> <small class="text-muted pull-right"><%= comment.decorate.the_created_at %></small>
</div>
<div class="panel-body">
<%= raw comment.content %>
<%= comment.content %>
</div><!-- /panel-body -->
</div><!-- /panel panel-default -->
</div><!-- /col-sm-5 -->
</div>
<%= render partial: "partials/comments_list", locals: { comments: comment.children.approveds, children: "present" } if comment.children.present? %>
<% end %>
<% end %>
Expand Up @@ -6,7 +6,7 @@
</div>
<div class="media-body">
<h4 class="media-heading"><%= link_to(user.the_name, user.the_url) %> <small class="pull-right"><%= comment.decorate.the_created_at %></small></h4>
<div><%= raw comment.content %></div>
<div><%= comment.content %></div>
<% comment.children.approveds.each do |answer| user2 = answer.comment_user.decorate %>
<div class="media">
<div class="media-left">
Expand All @@ -21,4 +21,4 @@
</div>
</li>
<% end %>
</ul>
</ul>

0 comments on commit 05506e9

Please sign in to comment.