Sanitize inquiry message before stripping tags and truncating it in the backend view.
1 parent 8ac0dab commit 0c95e89fefcee4c44fa8dd5200484f9dd9acac5c @ugisozols ugisozols committed Aug 7, 2012
Showing with 1 addition and 1 deletion.
  1. +1 −1 app/views/refinery/inquiries/admin/inquiries/_inquiry.html.erb
2 app/views/refinery/inquiries/admin/inquiries/_inquiry.html.erb
@@ -1,7 +1,7 @@
<li class='clearfix record <%= cycle("on", "on-hover") %>'>
<span class='title'>
<%= link_to inquiry.name, refinery.inquiries_admin_inquiry_path(inquiry) %> <%= t('.said') %>
- <span class="preview"><%= truncate(strip_tags(inquiry.message), :length => 60) -%></span>
+ <span class="preview"><%= truncate(strip_tags(sanitize(inquiry.message)), :length => 60) -%></span>
</span>
<span class='actions'>
<%= link_to refinery_icon_tag('delete.png'),
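
Review bot: On the `+` line, nothing records why `sanitize` has to run before `strip_tags`, and the three-deep helper nesting in the view is easy to undo in a later cleanup because `strip_tags` alone looks sufficient. Add a view or helper spec that renders this partial with a message containing markup (including malformed tags) and asserts that the preview span contains only escaped text, and consider moving the expression into a helper, for example a hypothetical `inquiry_preview(inquiry)`, with a comment naming the input that motivated the change. The same spec could also cover `inquiry.name` in the `link_to` line above, since it is another field of the same inquiry record rendered in this list item.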
