
Sanitize part.body in page_part_field partial.

1 parent 5866ccc commit dea0e35c969b55b497006bf4e940331cd0d1be64 @ugisozols ugisozols committed Aug 9, 2012
Showing with 1 addition and 1 deletion.
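--- a/pages/app/views/refinery/admin/pages/_page_part_field.html.erb
+++ b/pages/app/views/refinery/admin/pages/_page_part_field.html.erb
@@ -1,5 +1,5 @@
 <div class='page_part' id='<%= new_part ? "page_part_new_#{part_index}" : part.to_param %>'>
 <%= hidden_field_tag "page[parts_attributes][#{part_index}][title]", part.title if new_part %>
- <%= text_area_tag "page[parts_attributes][#{part_index}][body]", part.body, :rows => 20, :class => 'wymeditor widest' %>
+ <%= text_area_tag "page[parts_attributes][#{part_index}][body]", sanitize(part.body), :rows => 20, :class => 'wymeditor widest' %>
 <%= hidden_field_tag "page[parts_attributes][#{part_index}][position]", part_index %>
 </div>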
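Review bot: On the changed `text_area_tag` line, `sanitize(part.body)` cleans the value only when this admin partial renders, so the stored body stays as submitted and any other view that outputs `part.body` still relies on its own handling, which this hunk does not show. `sanitize` also returns an `html_safe` string, which probably makes `text_area_tag` skip its default escaping, so entity-encoded markup in the body may reach the editor already decoded; a view test with an entity-encoded body would confirm this either way. Because the default allow-list silently drops tags outside it, saving this form would persist the stripped content, so an explicit list (`sanitize(part.body, :tags => ..., :attributes => ...)`) matching what the editor is meant to produce would make that loss deliberate. A comment above the line such as `<%# body is presumably loaded as HTML by the WYSIWYG editor, so it is sanitized before it reaches the textarea %>` would record why the call is here.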
