Skip to content

Commit

Permalink
html escape title in refinery_help_tag
Browse files Browse the repository at this point in the history
  • Loading branch information
@bricesanchez
bricesanchez committed Feb 8, 2016
1 parent 1f81b96 commit ed05cf9
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion core/app/helpers/refinery/tag_helper.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ module TagHelper

# Remember to wrap your block with <span class='label_with_help'></span> if you're using a label next to the help tag.
def refinery_help_tag(title='Tip')
action_icon(:info, '#', title.html_safe? ? title : h(title), {tooltip: title})
title = title.html_safe? ? title : h(title)
action_icon(:info, '#', title, {tooltip: title})
end

# This is just a quick wrapper to render an image tag that lives inside refinery/icons.
Expand Down

2 comments on commit ed05cf9

@fgeek
Copy link

@fgeek fgeek commented on ed05cf9 Feb 20, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When do you plan to publish next release containing this fix?

@bricesanchez
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@fgeek i have to finish this work, it's planned for ASAP :)

Please sign in to comment.