diff options
| author | erdgeist <erdgeist@erdgeist.org> | 2026-06-27 20:29:25 +0200 |
|---|---|---|
| committer | erdgeist <erdgeist@erdgeist.org> | 2026-06-27 20:29:25 +0200 |
| commit | e86897c7c3ce7dea169be7f2c027aae3a7a4edab (patch) | |
| tree | 2e97075f9213fa28e33e0291fe853c865d441027 /app | |
| parent | 4c22631a5a85b3082f0525cc2454d2bd2251922a (diff) | |
Stop forcing escaped HTML into the database just because XML Builder was used wrong
Diffstat (limited to 'app')
| -rw-r--r-- | app/views/nodes/edit.html.erb | 2 | ||||
| -rw-r--r-- | app/views/rss/updates.rdf.builder | 4 | ||||
| -rw-r--r-- | app/views/rss/updates.xml.builder | 4 |
3 files changed, 5 insertions, 5 deletions
diff --git a/app/views/nodes/edit.html.erb b/app/views/nodes/edit.html.erb index 596f992..b45c700 100644 --- a/app/views/nodes/edit.html.erb +++ b/app/views/nodes/edit.html.erb | |||
| @@ -76,7 +76,7 @@ | |||
| 76 | 76 | ||
| 77 | <div id="content"> | 77 | <div id="content"> |
| 78 | <div class="node_description">Title</div> | 78 | <div class="node_description">Title</div> |
| 79 | <div class="node_content"><%= d.text_field :title, :pattern => "(?:[^<>&]|&amp;|&lt;|&gt;)*", :title => "Warning: Unescaped HTML entities detected! Use &lt;, &gt;, &amp; instead of <, >, &." %></div> | 79 | <div class="node_content"><%= d.text_field :title %></div> |
| 80 | 80 | ||
| 81 | <div class="node_description">Abstract</div> | 81 | <div class="node_description">Abstract</div> |
| 82 | <div class="node_content"><%= d.text_area :abstract %></div> | 82 | <div class="node_content"><%= d.text_area :abstract %></div> |
diff --git a/app/views/rss/updates.rdf.builder b/app/views/rss/updates.rdf.builder index cc63201..b02d34f 100644 --- a/app/views/rss/updates.rdf.builder +++ b/app/views/rss/updates.rdf.builder | |||
| @@ -17,9 +17,9 @@ xml.tag!("rdf:RDF", "xmlns:rdf" => "http://www.w3.org/1999/02/22-rdf-syntax-ns#" | |||
| 17 | 17 | ||
| 18 | @items.each do |item| | 18 | @items.each do |item| |
| 19 | xml.item("rdf:about" => content_url(:page_path => item.node.unique_path)) do | 19 | xml.item("rdf:about" => content_url(:page_path => item.node.unique_path)) do |
| 20 | xml.title(item.title) | 20 | xml.title(CGI.escapeHTML(item.title.to_s)) |
| 21 | xml.link(content_url(:page_path => item.node.unique_path)) | 21 | xml.link(content_url(:page_path => item.node.unique_path)) |
| 22 | xml.description(item.abstract) | 22 | xml.description(CGI.escapeHTML(item.abstract.to_s)) |
| 23 | xml.tag!("dc:creator", (item.user ? item.user.login : "CCC")) | 23 | xml.tag!("dc:creator", (item.user ? item.user.login : "CCC")) |
| 24 | xml.tag!("dc:date", item.published_at.xmlschema) | 24 | xml.tag!("dc:date", item.published_at.xmlschema) |
| 25 | end | 25 | end |
diff --git a/app/views/rss/updates.xml.builder b/app/views/rss/updates.xml.builder index 6afcd56..0ea08fa 100644 --- a/app/views/rss/updates.xml.builder +++ b/app/views/rss/updates.xml.builder | |||
| @@ -12,7 +12,7 @@ xml.feed(:xmlns => "http://www.w3.org/2005/Atom", "xml:base" => @host) do | |||
| 12 | 12 | ||
| 13 | @items.each do |item| | 13 | @items.each do |item| |
| 14 | xml.entry do | 14 | xml.entry do |
| 15 | xml.title(item.title) | 15 | xml.title(CGI.escapeHTML(item.title.to_s)) |
| 16 | xml.link( | 16 | xml.link( |
| 17 | :href => content_url(:page_path => item.node.unique_path), | 17 | :href => content_url(:page_path => item.node.unique_path), |
| 18 | :rel => "alternate", | 18 | :rel => "alternate", |
| @@ -21,7 +21,7 @@ xml.feed(:xmlns => "http://www.w3.org/2005/Atom", "xml:base" => @host) do | |||
| 21 | xml.id(content_url(:page_path => item.node.feed_id)) | 21 | xml.id(content_url(:page_path => item.node.feed_id)) |
| 22 | xml.updated(item.updated_at.xmlschema) | 22 | xml.updated(item.updated_at.xmlschema) |
| 23 | xml.published(item.published_at.xmlschema) | 23 | xml.published(item.published_at.xmlschema) |
| 24 | xml.summary(item.abstract) | 24 | xml.summary(CGI.escapeHTML(item.abstract.to_s)) |
| 25 | xml.content(:type => "xhtml") do | 25 | xml.content(:type => "xhtml") do |
| 26 | xml.div(item.body, :xmlns => "http://www.w3.org/1999/xhtml") | 26 | xml.div(item.body, :xmlns => "http://www.w3.org/1999/xhtml") |
| 27 | end | 27 | end |
