Merge branch 'fix-escaping' into 'master'

fix: commit messages being double-escaped in activities tab See merge request !6937

Merge branch 'fix-escaping' into 'master'
cc46a0d4 · Sean McGivern · 12f649fe · 9c8c5e9d · cc46a0d4 · cc46a0d4
Commit cc46a0d4 authored Oct 19, 2016 by Sean McGivern
Showing with 7 additions and 1 deletion

CHANGELOG.md CHANGELOG.md +1 -0

html_entity_filter.rb lib/banzai/filter/html_entity_filter.rb +1 -1

html_entity_filter_spec.rb spec/lib/banzai/filter/html_entity_filter_spec.rb +5 -0

No files found.
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -122,6 +122,7 @@ Please view this file on the master branch, on stable branches it's out of date.
  - Cleanup Ci::ApplicationController. !6757 (Takuya Noguchi)
  - Fixes padding in all clipboard icons that have .btn class
  - Fix a typo in doc/api/labels.md
+  - Fix double-escaping in activities tab (Alexandre Maia)
  - API: all unknown routing will be handled with 404 Not Found
  - Add docs for request profiling
  - Delete dynamic environments

--- a/lib/banzai/filter/html_entity_filter.rb
+++ b/lib/banzai/filter/html_entity_filter.rb
@@ -5,7 +5,7 @@ module Banzai
    # Text filter that escapes these HTML entities: & " < >
    class HtmlEntityFilter < HTML::Pipeline::TextFilter
      def call
-        ERB::Util.html_escape(text)
+        ERB::Util.html_escape_once(text)
      end
    end
  end

--- a/spec/lib/banzai/filter/html_entity_filter_spec.rb
+++ b/spec/lib/banzai/filter/html_entity_filter_spec.rb
@@ -11,4 +11,9 @@ describe Banzai::Filter::HtmlEntityFilter, lib: true do

    expect(output).to eq(escaped)
  end
+
+  it 'does not double-escape' do
+    escaped = ERB::Util.html_escape("Merge branch 'blabla' into 'master'")
+    expect(filter(escaped)).to eq(escaped)
+  end
 end