Sanitise parameters used in URL generation

[rails.git] / app / views / changeset / list.atom.builder

diff --git a/app/views/changeset/list.atom.builder b/app/views/changeset/list.atom.builder
index 3e0cd9ec58c6624bf3c27535f93cc5568351a607..0235d182afbea03b092169b1b7be61db27fce942 100644 (file)
--- a/app/views/changeset/list.atom.builder
+++ b/app/views/changeset/list.atom.builder
@@ -1,20 +1,20 @@
 atom_feed(:language => I18n.locale, :schema_date => 2009,
-          :id => url_for(params.merge({ :only_path => false })),
-          :root_url => url_for(params.merge({ :action => :list, :format => nil, :only_path => false })),
+          :id => url_for(@params.merge(:only_path => false)),
+          :root_url => url_for(@params.merge(:action => :list, :format => nil, :only_path => false)),
           "xmlns:georss" => "http://www.georss.org/georss") do |feed|
   feed.title changeset_list_title(params, @user)
 
-  feed.updated @edits.map {|e|  [e.created_at, e.closed_at].max }.max
-  feed.icon "http://#{SERVER_URL}/favicon.ico"
-  feed.logo "http://#{SERVER_URL}/images/mag_map-rss2.0.png"
+  feed.updated @edits.map { |e| [e.created_at, e.closed_at].max }.max
+  feed.icon image_url("favicon.ico")
+  feed.logo image_url("mag_map-rss2.0.png")
 
-  feed.rights :type => 'xhtml' do |xhtml|
+  feed.rights :type => "xhtml" do |xhtml|
     xhtml.a :href => "http://creativecommons.org/licenses/by-sa/2.0/" do |a|
-      a.img :src => "http://#{SERVER_URL}/images/cc_button.png", :alt => "CC by-sa 2.0"
+      a.img :src => image_url("cc_button.png"), :alt => "CC by-sa 2.0"
     end
   end
 
-  for changeset in @edits
+  @edits.each do |changeset|
     feed.entry(changeset, :updated => changeset.closed_at, :id => changeset_url(changeset.id, :only_path => false)) do |entry|
       entry.link :rel => "alternate",
                  :href => changeset_read_url(changeset, :only_path => false),
@@ -23,20 +23,20 @@ atom_feed(:language => I18n.locale, :schema_date => 2009,
                  :href => changeset_download_url(changeset, :only_path => false),
                  :type => "application/osmChange+xml"
 
-      if !changeset.tags.empty? and changeset.tags.has_key? "comment"
-        entry.title t('browse.changeset.feed.title_comment', :id => h(changeset.id), :comment => h(changeset.tags['comment'])), :type => "html"
+      if !changeset.tags.empty? && changeset.tags.key?("comment")
+        entry.title t("browse.changeset.feed.title_comment", :id => h(changeset.id), :comment => h(changeset.tags["comment"])), :type => "html"
       else
-        entry.title t('browse.changeset.feed.title', :id => h(changeset.id))
+        entry.title t("browse.changeset.feed.title", :id => h(changeset.id))
       end
 
       if changeset.user.data_public?
         entry.author do |author|
           author.name changeset.user.display_name
-          author.uri url_for(:controller => 'user', :action => 'view', :display_name => changeset.user.display_name, :only_path => false)
+          author.uri url_for(:controller => "user", :action => "view", :display_name => changeset.user.display_name, :only_path => false)
         end
       end
 
-      feed.content :type => 'xhtml' do |xhtml|
+      feed.content :type => "xhtml" do |xhtml|
         xhtml.style "th { text-align: left } tr { vertical-align: top }"
         xhtml.table do |table|
           table.tr do |tr|