This is safer than raw, since any user input is still escaped.
<h2>
<a class="geolink" href="<%= root_path %>"><span class="icon close"></span></a>
- <%= raw t("browse.#{@type}.history_title", :name => printable_name(@feature)) %>
+ <%= t("browse.#{@type}.history_title_html", :name => printable_name(@feature)) %>
</h2>
<%= render :partial => @type, :collection => @feature.send("old_#{@type}s").reverse %>
<h1><%= t ".title" %></h1>
<% end %>
-<p><%= raw t(".request_access", :app_name => link_to(@token.client_application.name, @token.client_application.url), :user => link_to(current_user.display_name, user_path(current_user))) %></p>
+<p><%= t(".request_access_html", :app_name => link_to(@token.client_application.name, @token.client_application.url), :user => link_to(current_user.display_name, user_path(current_user))) %></p>
<%= form_tag authorize_url do %>
<%= hidden_field_tag "oauth_token", @token.token %>
<h1><%= t ".title" %></h1>
<% end %>
-<p><%= raw t(".allowed", :app_name => link_to(@token.client_application.name, @token.client_application.url)) %></p>
+<p><%= t(".allowed_html", :app_name => link_to(@token.client_application.name, @token.client_application.url)) %></p>
<% if @token.oob? and not @token.oauth10? %>
<p><%= t ".verification", :code => @token.verifier %></p>
<% end %>
<h3><%= t ".my_apps" %></h3>
<% if @client_applications.empty? %>
-<p><%= raw(t(".no_apps", :oauth => "<a href=\"https://oauth.net\">OAuth</a>")) %></p>
+<p><%= t(".no_apps_html", :oauth => link_to(t(".oauth"), "https://oauth.net" )) %></p>
<% else %>
<p><%= t ".registered_apps" %></p>
<% @client_applications.each do |client| %>
<td>
<p>
<% if user.creation_ip %>
- <%= raw t "users.index.summary",
- :name => link_to(h(user.display_name), user_path(user)),
- :ip_address => link_to(user.creation_ip, :ip => user.creation_ip),
- :date => l(user.creation_time, :format => :friendly) %>
+ <%= t "users.index.summary_html",
+ :name => link_to(h(user.display_name), user_path(user)),
+ :ip_address => link_to(user.creation_ip, :ip => user.creation_ip),
+ :date => l(user.creation_time, :format => :friendly) %>
<% else %>
- <%= raw t "users.index.summary_no_ip",
- :name => link_to(h(user.display_name), user_path(user)),
- :date => l(user.creation_time, :format => :friendly) %>
+ <%= t "users.index.summary_no_ip_html",
+ :name => link_to(h(user.display_name), user_path(user)),
+ :date => l(user.creation_time, :format => :friendly) %>
<% end %>
</p>
<div class="richtext"><%= user.description.to_html %></div>
</fieldset>
<div id="auth_prompt" class="form-row">
- <%= link_to raw(t(".use external auth")), "#", :id => "auth_enable" %>
+ <%= link_to t(".use external auth"), "#", :id => "auth_enable" %>
</div>
<%= submit_tag t(".continue"), :tabindex => 8 %>
still_open: "Changeset still open - discussion will open once the changeset is closed."
node:
title_html: "Node: %{name}"
- history_title: "Node History: %{name}"
+ history_title_html: "Node History: %{name}"
way:
title_html: "Way: %{name}"
- history_title: "Way History: %{name}"
+ history_title_html: "Way History: %{name}"
nodes: "Nodes"
also_part_of_html:
one: "part of way %{related_ways}"
other: "part of ways %{related_ways}"
relation:
title_html: "Relation: %{name}"
- history_title: "Relation History: %{name}"
+ history_title_html: "Relation History: %{name}"
members: "Members"
relation_member:
entry_html: "%{type} %{name}"
oauth:
authorize:
title: "Authorize access to your account"
- request_access: "The application %{app_name} is requesting access to your account, %{user}. Please check whether you would like the application to have the following capabilities. You may choose as many or as few as you like."
+ request_access_html: "The application %{app_name} is requesting access to your account, %{user}. Please check whether you would like the application to have the following capabilities. You may choose as many or as few as you like."
allow_to: "Allow the client application to:"
allow_read_prefs: "read your user preferences."
allow_write_prefs: "modify your user preferences."
grant_access: "Grant Access"
authorize_success:
title: "Authorization request allowed"
- allowed: "You have granted application %{app_name} access to your account."
+ allowed_html: "You have granted application %{app_name} access to your account."
verification: "The verification code is %{code}."
authorize_failure:
title: "Authorization request failed"
issued_at: "Issued At"
revoke: "Revoke!"
my_apps: "My Client Applications"
- no_apps: "Do you have an application you would like to register for use with us using the %{oauth} standard? You must register your web application before it can make OAuth requests to this service."
+ no_apps_html: "Do you have an application you would like to register for use with us using the %{oauth} standard? You must register your web application before it can make OAuth requests to this service."
+ oauth: OAuth
registered_apps: "You have the following client applications registered:"
register_new: "Register your application"
form:
showing:
one: Page %{page} (%{first_item} of %{items})
other: Page %{page} (%{first_item}-%{last_item} of %{items})
- summary: "%{name} created from %{ip_address} on %{date}"
- summary_no_ip: "%{name} created on %{date}"
+ summary_html: "%{name} created from %{ip_address} on %{date}"
+ summary_no_ip_html: "%{name} created on %{date}"
confirm: Confirm Selected Users
hide: Hide Selected Users
empty: No matching users found
projects / rails.git / commitdiff