Make linkify preserve HTML safety
authorTom Hughes <tom@compton.nu>
Tue, 15 Nov 2011 09:46:33 +0000 (09:46 +0000)
committerTom Hughes <tom@compton.nu>
Tue, 15 Nov 2011 09:46:33 +0000 (09:46 +0000)
app/helpers/application_helper.rb
app/views/diary_entry/_diary_entry.html.erb

index 8073c2583d0f88b5f0d258f85e5b1448e11e8683..b77ac87215351fac98b7198179db05d9c4003e9d 100644 (file)
@@ -6,11 +6,23 @@ module ApplicationHelper
   end
 
   def htmlize(text)
-    return linkify(sanitize(simple_format(text)))
+    logger.info "text safety is #{text.html_safe?}"
+    r = simple_format(text)
+    logger.info "formatted text safety is #{r.html_safe?}"
+    r = sanitize(r)
+    logger.info "sanitised text safety is #{r.html_safe?}"
+    r = linkify(r)
+    logger.info "linkified text safety is #{r.html_safe?}"
+    return r
+#    return linkify(sanitize(simple_format(text)))
   end
 
   def linkify(text)
-    return Rinku.auto_link(text, :urls, tag_options(:rel => "nofollow"))
+    if text.html_safe?
+      Rinku.auto_link(text, :urls, tag_options(:rel => "nofollow")).html_safe
+    else
+      Rinku.auto_link(text, :urls, tag_options(:rel => "nofollow"))
+    end
   end
 
   def html_escape_unicode(text)
index 6ab7aaf48924852c6becb9d8e5788dc551427701..dc09ed957957ac0e5606d4b205ffb9314a28a709 100644 (file)
@@ -1,7 +1,7 @@
 <b><%= link_to h(diary_entry.title), :action => 'view', :display_name => diary_entry.user.display_name, :id => diary_entry.id %></b><br />
 
 <div xml:lang="<%= diary_entry.language_code %>" lang="<%= diary_entry.language_code %>">
-  <%= raw(htmlize(diary_entry.body)) %>
+  <%= htmlize(diary_entry.body) %>
 </div>
 
 <% if diary_entry.latitude and diary_entry.longitude %>