From 4fcac7d3b1295408a9d64e64aa17800f4ad31299 Mon Sep 17 00:00:00 2001
From: Toshi MARUYAMA
Date: Wed, 22 Feb 2012 11:41:07 +0000
Subject: [PATCH] Rails3: use image_tag instead of hard-coded html tag to prevent escaping in gravatar plugin
Contributed by Sernin van de Krol.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@8920 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 vendor/plugins/gravatar/lib/gravatar.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/vendor/plugins/gravatar/lib/gravatar.rb b/vendor/plugins/gravatar/lib/gravatar.rb
index c1b62c584..a0b1241b2 100644
--- a/vendor/plugins/gravatar/lib/gravatar.rb
+++ b/vendor/plugins/gravatar/lib/gravatar.rb
@@ -51,8 +51,8 @@ module GravatarHelper
 def gravatar(email, options={})
 src = h(gravatar_url(email, options))
 options = DEFAULT_OPTIONS.merge(options)
- [:class, :alt, :size, :title].each { |opt| options[opt] = h(options[opt]) }
- "\"#{options[:alt]}\""
+ [:class, :alt, :title].each { |opt| options[opt] = h(options[opt]) }
+ image_tag src, options
 end

 # Returns the base Gravatar URL for the given email hash. If ssl evaluates to true,
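Review bot: Escaping is now split between two layers in `gravatar`: `src` and the `:class`/`:alt`/`:title` values are still passed through `h(...)` by hand, and then given to `image_tag`, which escapes attribute values itself. This presumably avoids double encoding (`&amp;amp;` in the query string) only while the pre-escaped strings keep their html_safe flag all the way into the tag helper. Making the helper the single escaping point would be more robust: `image_tag gravatar_url(email, options), options`, with the `.each { |opt| options[opt] = h(options[opt]) }` line dropped. Confirm this against the Rails version in use before relying on it. Separately, the whole merged hash is handed to `image_tag`, so URL-only settings such as the `ssl` flag mentioned in the comment below would presumably be emitted as attributes on the `<img>`. Filtering those keys out before the call, with a short comment saying which options are HTML attributes and which only feed `gravatar_url`, would keep the markup predictable.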