github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-01 09:08:10 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: don't escape html of poll options

Browse Source
This commit is contained in:
Sam
2017-07-25 13:38:04 -04:00
parent f2e592c1ab
commit 8317fb12e0
2 changed files with 97 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
plugins/poll/plugin.rb
View File

@ -157,14 +157,14 @@ after_initialize do
# extract attributes
p.attributes.values.each do |attribute|
if attribute.name.start_with?(DATA_PREFIX)
poll[attribute.name[DATA_PREFIX.length..-1]] = CGI::escapeHTML(attribute.value || "")
poll[attribute.name[DATA_PREFIX.length..-1]] = CGI.escapeHTML(attribute.value || "")
end
end
# extract options
p.css("li[#{DATA_PREFIX}option-id]").each do |o|
option_id = CGI::escapeHTML(o.attributes[DATA_PREFIX + "option-id"].value || "")
poll["options"] << { "id" => option_id, "html" => CGI::escapeHTML(o.inner_html), "votes" => 0 }
option_id = o.attributes[DATA_PREFIX + "option-id"].value || ""
poll["options"] << { "id" => option_id, "html" => o.inner_html, "votes" => 0 }
end
# add the poll

2
plugins/poll/spec/lib/pretty_text_spec.rb
View File

@ -7,7 +7,6 @@ describe PrettyText do
HtmlNormalize.normalize(html)
end
context 'markdown it' do
it 'supports multi choice polls' do
cooked = PrettyText.cook <<~MD
[poll type=multiple min=1 max=3 public=true]
@ -127,4 +126,3 @@ describe PrettyText do
end
end
end