From 05cf8c4351b26c3f7e98fc20f2b7a4b9b4fd18f4 Mon Sep 17 00:00:00 2001
From: Rob Harrington
Date: Fri, 31 Mar 2017 12:49:19 +1100
Subject: [PATCH] Sanitizing product description for textAngular input
---
 .../products/_form/add_description_wysiwyg.html.haml.deface | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/overrides/spree/admin/products/_form/add_description_wysiwyg.html.haml.deface b/app/overrides/spree/admin/products/_form/add_description_wysiwyg.html.haml.deface
index df61d16cd3..71d3e43f9c 100644
--- a/app/overrides/spree/admin/products/_form/add_description_wysiwyg.html.haml.deface
+++ b/app/overrides/spree/admin/products/_form/add_description_wysiwyg.html.haml.deface
@@ -1,3 +1,3 @@
 / replace "[data-hook=admin_product_form_left] code[erb-loud]:contains('f.text_area :description')"
-%text-angular{'id' => 'product_description', 'ng-model' => 'product.description', 'name' => 'product[description]', 'class' => 'text-angular', 'ta-toolbar' => "[['bold','italics','clear']]"}
- != @product[:description].to_s.html_safe
\ No newline at end of file
+%text-angular{'id' => 'product_description', 'name' => 'product[description]', 'class' => 'text-angular', 'ta-toolbar' => "[['bold','italics','clear']]"}
+ = sanitize(@product.description)
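Review bot: `sanitize(@product.description)` on the added line runs with Rails' default allowlist, which admits far more markup (links, images, headings) than the `bold`/`italics`/`clear` toolbar configured on this element can produce. Passing an explicit list, for example `= sanitize(@product.description, tags: %w(b strong i em p br), attributes: [])`, would keep the rendered HTML down to what the editor is meant to emit; the exact tag list should be checked against textAngular's actual output before adopting it. The sanitizer also leaves `{{ }}` text untouched, so if AngularJS compiles the children of `text-angular`, it is worth confirming that an interpolation expression stored in a description is not evaluated when an admin opens this form. The change cleans the value only where this form renders it; the stored description is unchanged, so any other view that outputs it raw presumably needs the same treatment.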