HTML escape at app/helpers/repositories_helper.rb.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6355 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
parent
17d788b7a2
commit
5cd6aa0a09
|
@ -87,7 +87,7 @@ module RepositoriesHelper
|
||||||
if s = tree[file][:s]
|
if s = tree[file][:s]
|
||||||
style << ' folder'
|
style << ' folder'
|
||||||
path_param = to_path_param(@repository.relative_path(file))
|
path_param = to_path_param(@repository.relative_path(file))
|
||||||
text = link_to(text, :controller => 'repositories',
|
text = link_to(h(text), :controller => 'repositories',
|
||||||
:action => 'show',
|
:action => 'show',
|
||||||
:id => @project,
|
:id => @project,
|
||||||
:path => path_param,
|
:path => path_param,
|
||||||
|
@ -97,18 +97,18 @@ module RepositoriesHelper
|
||||||
elsif c = tree[file][:c]
|
elsif c = tree[file][:c]
|
||||||
style << " change-#{c.action}"
|
style << " change-#{c.action}"
|
||||||
path_param = to_path_param(@repository.relative_path(c.path))
|
path_param = to_path_param(@repository.relative_path(c.path))
|
||||||
text = link_to(text, :controller => 'repositories',
|
text = link_to(h(text), :controller => 'repositories',
|
||||||
:action => 'entry',
|
:action => 'entry',
|
||||||
:id => @project,
|
:id => @project,
|
||||||
:path => path_param,
|
:path => path_param,
|
||||||
:rev => @changeset.identifier) unless c.action == 'D'
|
:rev => @changeset.identifier) unless c.action == 'D'
|
||||||
text << " - #{c.revision}" unless c.revision.blank?
|
text << " - #{h(c.revision)}" unless c.revision.blank?
|
||||||
text << ' (' + link_to('diff', :controller => 'repositories',
|
text << ' (' + link_to('diff', :controller => 'repositories',
|
||||||
:action => 'diff',
|
:action => 'diff',
|
||||||
:id => @project,
|
:id => @project,
|
||||||
:path => path_param,
|
:path => path_param,
|
||||||
:rev => @changeset.identifier) + ') ' if c.action == 'M'
|
:rev => @changeset.identifier) + ') ' if c.action == 'M'
|
||||||
text << ' ' + content_tag('span', c.from_path, :class => 'copied-from') unless c.from_path.blank?
|
text << ' ' + content_tag('span', h(c.from_path), :class => 'copied-from') unless c.from_path.blank?
|
||||||
output << "<li class='#{style}'>#{text}</li>"
|
output << "<li class='#{style}'>#{text}</li>"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue