raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-02-27 01:43:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

sanitize long_description html before injection

Browse Source
This commit is contained in:
Rafael Schouten
2014-10-03 16:06:04 +10:00
parent 3a14a26bc6
commit bb24e1ce88
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/helpers/admin/injection_helper.rb
View File

@@ -42,7 +42,9 @@ module Admin
end
def admin_inject_enterprise_long_description
render partial: "admin/json/injection_ams", locals: {ngModule: 'admin.enterprises', name: 'longDescription', json: "'#{@enterprise.long_description.to_s}'"}
# Clean line breaks and quotes.
long_description = @enterprise.long_description.gsub("\r\n", "<br />").gsub("\"", "&#34;").gsub("'","&#39;")
render partial: "admin/json/injection_ams", locals: {ngModule: 'admin.enterprises', name: 'longDescription', json: "'#{long_description}'"}
end