Don't treat flash messages as raw

This will likely break some things, but we should fix them
properly so that the rails auto-escaping can work.

Fixes #1027

diff --git a/app/views/layouts/_flash.html.erb b/app/views/layouts/_flash.html.erb
index 5a4288c4d2c0ed250fe8e23c06cc9d6fb83b246b..e721851018af7a3a504bb4913e643877499ee3a0 100644 (file)
--- a/app/views/layouts/_flash.html.erb
+++ b/app/views/layouts/_flash.html.erb
@@ -1,20 +1,20 @@
 <% if flash[:error] %>
   <div class="flash error">
     <%= image_tag("notice.png", :class => "small_icon", :border => 0) %>
-    <div class="message"><%= raw flash[:error] %></div>
+    <div class="message"><%= flash[:error] %></div>
   </div>
 <% end %>
 
 <% if flash[:warning] %>
   <div class="flash warning">
     <%= image_tag("notice.png", :class => "small_icon", :border => 0) %>
-    <div class="message"><%= raw flash[:warning] %></div>
+    <div class="message"><%= flash[:warning] %></div>
   </div>
 <% end %>
 
 <% if flash[:notice] %>
   <div class="flash notice">
     <%= image_tag("notice.png", :class => "small_icon", :border => 0) %>
-    <div class="message"><%= raw flash[:notice] %></div>
+    <div class="message"><%= flash[:notice] %></div>
   </div>
 <% end %>