Discourse/discourse
Discourse/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-09-06 10:50:21 +08:00
Code Packages Activity Actions 9

FIX: don't escape html of poll options

Browse source
This commit is contained in:
Sam 2017-07-25 13:38:04 -04:00
parent f2e592c1ab
commit 8317fb12e0
2 changed files with 97 additions and 99 deletions
Download patch file Download diff file Expand all files Collapse all files

6
plugins/poll/plugin.rb
View file

@ -157,14 +157,14 @@ after_initialize do
# extract attributes
p.attributes.values.each do |attribute|
if attribute.name.start_with?(DATA_PREFIX)
poll[attribute.name[DATA_PREFIX.length..-1]] = CGI::escapeHTML(attribute.value || "")
poll[attribute.name[DATA_PREFIX.length..-1]] = CGI.escapeHTML(attribute.value || "")
end
end
# extract options
p.css("li[#{DATA_PREFIX}option-id]").each do |o|
option_id = CGI::escapeHTML(o.attributes[DATA_PREFIX + "option-id"].value || "")
poll["options"] << { "id" => option_id, "html" => CGI::escapeHTML(o.inner_html), "votes" => 0 }
option_id = o.attributes[DATA_PREFIX + "option-id"].value || ""
poll["options"] << { "id" => option_id, "html" => o.inner_html, "votes" => 0 }
end
# add the poll

2
plugins/poll/spec/lib/pretty_text_spec.rb
View file

@ -7,7 +7,6 @@ describe PrettyText do
HtmlNormalize.normalize(html)
end
context 'markdown it' do
it 'supports multi choice polls' do
cooked = PrettyText.cook <<~MD
[poll type=multiple min=1 max=3 public=true]
@ -126,5 +125,4 @@ describe PrettyText do
expect(n cooked).to eq(n expected)
end
end
end