Rails3: use image_tag instead of hard-coded html tag to prevent escaping in gravatar plugin

Contributed by Sernin van de Krol. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@8920 e93f8b46-1217-0410-a6f0-8f06a7374b81
2012-02-22 11:41:07 +00:00 · 2012-02-22 11:41:07 +00:00 · 4fcac7d3b1
parent 652871d4c3
commit 4fcac7d3b1
1 changed files with 2 additions and 2 deletions
--- a/vendor/plugins/gravatar/lib/gravatar.rb
+++ b/vendor/plugins/gravatar/lib/gravatar.rb
@ -51,8 +51,8 @@ module GravatarHelper
    def gravatar(email, options={})
      src = h(gravatar_url(email, options))
      options = DEFAULT_OPTIONS.merge(options)
-      [:class, :alt, :size, :title].each { |opt| options[opt] = h(options[opt]) }
-      "<img class=\"#{options[:class]}\" alt=\"#{options[:alt]}\" title=\"#{options[:title]}\" width=\"#{options[:size]}\" height=\"#{options[:size]}\" src=\"#{src}\" />"
+      [:class, :alt, :title].each { |opt| options[opt] = h(options[opt]) }
+      image_tag src, options
    end
    
    # Returns the base Gravatar URL for the given email hash. If ssl evaluates to true,