author | Azul <azul@leap.se> | 2014-06-09 11:00:28 +0200 |
---|---|---|
committer | Azul <azul@leap.se> | 2014-06-09 11:00:28 +0200 |
commit | 728d6d3985126c2890638bb2ee24020fa0e36a80 (patch) | |
tree | 1fcbb560b0103123d49fb953e86fdb960ee5dd13 /app/helpers/application_helper.rb | |
parent | b9174fdc9d9bd403d9a16650bafc4715e3dbf2d4 (diff) | |
parent | 9fa52ed80d71ec56ed5acf18dfd63bd03b201cc5 (diff) |
Merge tag '0.5.2'
Diffstat (limited to 'app/helpers/application_helper.rb')
-rw-r--r-- | app/helpers/application_helper.rb | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 90e649a..6de5e1b 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -40,8 +40,9 @@ module ApplicationHelper
 end
 end
+ # fairly strict sanitation for flash messages
 def format_flash(msg)
- html_escape(msg).gsub('[b]', '<b>').gsub('[/b]', '</b>').html_safe
+ sanitize(msg, tags: %w(em strong b br), attributes: [])
 end
 end |
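Review bot: Flash strings or locale entries that still use `[b]`/`[/b]` will render the brackets literally, because the new `format_flash` body no longer translates them. The diffstat is limited to this file, so whether callers were migrated to `<b>` cannot be confirmed here. The new call also lets `em`, `strong`, `b` and `br` through instead of escaping everything, so a user-supplied value interpolated into a flash message can now contribute that markup, and a literal `<` in a message is presumably handled by the sanitizer rather than displayed escaped. I would spell the contract out in the comment, e.g. `# Allow-list sanitizer for flash messages: only em/strong/b/br survive, all attributes are dropped; escape interpolated user input before calling.` The enclosing module starts outside the hunk.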