BigW Consortium Gitlab

Use only escaped auto_link

parent 90c96d1d
......@@ -259,4 +259,8 @@ module ApplicationHelper
super
end
def escaped_autolink(text)
auto_link ERB::Util.html_escape(text), link: :urls
end
end
......@@ -24,7 +24,7 @@
= @group.name
- if @group.description.present?
%p
= auto_link @group.description, link: :urls
= escaped_autolink(@group.description)
= render "projects", projects: @projects
- if current_user
.prepend-top-20
......
......@@ -3,7 +3,7 @@
.project-home-row
.project-home-desc
- if @project.description.present?
= auto_link ERB::Util.html_escape(@project.description), link: :urls
= escaped_autolink(@project.description)
- if can?(current_user, :admin_project, @project)
–
= link_to 'Edit', edit_project_path
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment