From 41dfa42edd18b40226b7e622d7f9ab563367f0ef Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Sat, 14 Nov 2009 16:31:51 +0000 Subject: [PATCH 1/1] Sanitize any user supplied HTML before doing link detection or the sanitizer will strip the rel=nofollow attributes. --- app/helpers/application_helper.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 2eebec170..e10650ada 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -1,6 +1,6 @@ module ApplicationHelper def htmlize(text) - return sanitize(auto_link(simple_format(text), :link => :urls, :html => { :rel => "nofollow" })) + return auto_link(sanitize(simple_format(text)), :link => :urls, :html => { :rel => "nofollow" }) end def html_escape_unicode(text) -- 2.43.2