Diffstat (limited to 'app/helpers')
-rw-r--r--app/helpers/application_helper.rb3
1 files changed, 2 insertions, 1 deletions
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 90e649a..6de5e1b 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -40,8 +40,9 @@ module ApplicationHelper
end
end
+ # fairly strict sanitation for flash messages
def format_flash(msg)
- html_escape(msg).gsub('[b]', '<b>').gsub('[/b]', '</b>').html_safe
+ sanitize(msg, tags: %w(em strong b br), attributes: [])
end
end
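Review bot: With `format_flash` now passing `msg` through `sanitize`, the message is parsed as HTML instead of being escaped, so any caller that interpolates user-controlled text into a flash string lets that text contribute `em`/`strong`/`b`/`br` markup, and literal `<...>` fragments in a message are stripped rather than displayed. The allowlist with `attributes: []` limits this to formatting only, but callers (not visible in this hunk) should escape interpolated values with `h(...)` before building the message. Existing messages that still use the old `[b]`/`[/b]` markers will presumably now show them literally, so those call sites need updating to `<b>`. I would expand the comment to state the contract, e.g. `# msg is treated as HTML: only em/strong/b/br are kept, no attributes; escape interpolated user input first`.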