diff --git a/app/helpers/text_with_links_helper.rb b/app/helpers/text_with_links_helper.rb index b59c6ae7f..698990538 100644 --- a/app/helpers/text_with_links_helper.rb +++ b/app/helpers/text_with_links_helper.rb @@ -1,12 +1,12 @@ module TextWithLinksHelper - def text_with_links(text) + def sanitize_and_auto_link(text) return unless text sanitized = sanitize(text, tags: [], attributes: []) Rinku.auto_link(sanitized, :all, 'target="_blank" rel="nofollow"').html_safe end - def safe_html_with_links(html) + def auto_link_already_sanitized_html(html) return if html.nil? html = ActiveSupport::SafeBuffer.new(html) if html.is_a?(String) return html.html_safe unless html.html_safe? diff --git a/app/helpers/valuation_helper.rb b/app/helpers/valuation_helper.rb index 39018b61e..428d7fb14 100644 --- a/app/helpers/valuation_helper.rb +++ b/app/helpers/valuation_helper.rb @@ -14,7 +14,7 @@ module ValuationHelper end def explanation_field(field) - simple_format_no_tags_no_sanitize(text_with_links(field)) if field.present? + simple_format_no_tags_no_sanitize(sanitize_and_auto_link(field)) if field.present? end end diff --git a/app/views/admin/budget_investments/_written_by_author.html.erb b/app/views/admin/budget_investments/_written_by_author.html.erb index b2bc5b5b5..f030aac91 100644 --- a/app/views/admin/budget_investments/_written_by_author.html.erb +++ b/app/views/admin/budget_investments/_written_by_author.html.erb @@ -55,6 +55,6 @@ <% if @investment.external_url.present? %>

- <%= text_with_links @investment.external_url %>  + <%= sanitize_and_auto_link @investment.external_url %> 

<% end %> diff --git a/app/views/admin/debates/show.html.erb b/app/views/admin/debates/show.html.erb index 2494efa3d..2d70c4596 100644 --- a/app/views/admin/debates/show.html.erb +++ b/app/views/admin/debates/show.html.erb @@ -25,7 +25,7 @@ - <%= safe_html_with_links @debate.description %> + <%= auto_link_already_sanitized_html @debate.description %>

<%= t("votes.supports") %>

diff --git a/app/views/admin/hidden_comments/index.html.erb b/app/views/admin/hidden_comments/index.html.erb index ca26aef31..693efda67 100644 --- a/app/views/admin/hidden_comments/index.html.erb +++ b/app/views/admin/hidden_comments/index.html.erb @@ -15,7 +15,7 @@ <% @comments.each do |comment| %> - <%= text_with_links comment.body %>
+ <%= sanitize_and_auto_link comment.body %>
<% if comment.commentable.hidden? %> (<%= t("admin.hidden_comments.index.hidden_#{comment.commentable_type.downcase}") %>: <%= comment.commentable.title %>) <% else %> diff --git a/app/views/admin/hidden_proposals/index.html.erb b/app/views/admin/hidden_proposals/index.html.erb index 4e23b8c5b..5cbadf84d 100644 --- a/app/views/admin/hidden_proposals/index.html.erb +++ b/app/views/admin/hidden_proposals/index.html.erb @@ -23,7 +23,7 @@

<%= proposal.summary %>

<%= proposal.description %> <% if proposal.video_url.present? %> -

<%= text_with_links proposal.video_url %>

+

<%= sanitize_and_auto_link proposal.video_url %>

<% end %> diff --git a/app/views/admin/hidden_users/show.html.erb b/app/views/admin/hidden_users/show.html.erb index 0a95eab12..1d82fb301 100644 --- a/app/views/admin/hidden_users/show.html.erb +++ b/app/views/admin/hidden_users/show.html.erb @@ -30,7 +30,7 @@ <% @comments.each do |comment| %> - <%= text_with_links comment.body %> + <%= sanitize_and_auto_link comment.body %> <% end %> diff --git a/app/views/budgets/_phases.html.erb b/app/views/budgets/_phases.html.erb index 26df99837..f9791a43e 100644 --- a/app/views/budgets/_phases.html.erb +++ b/app/views/budgets/_phases.html.erb @@ -7,7 +7,7 @@ - <%= l(phase.ends_at.to_date - 1.day, format: :long) if phase.ends_at.present? %> -

<%= safe_html_with_links(WYSIWYGSanitizer.new.sanitize(phase.summary)) %>

+

<%= auto_link_already_sanitized_html(WYSIWYGSanitizer.new.sanitize(phase.summary)) %>

<% end %> diff --git a/app/views/budgets/index.html.erb b/app/views/budgets/index.html.erb index e194af049..2a23575d4 100644 --- a/app/views/budgets/index.html.erb +++ b/app/views/budgets/index.html.erb @@ -15,7 +15,7 @@

<%= current_budget.name %>

- <%= safe_html_with_links(current_budget.description) %> + <%= auto_link_already_sanitized_html(current_budget.description) %>

<%= link_to t("budgets.index.section_header.help"), "#section_help" %> diff --git a/app/views/budgets/investments/_investment_detail.erb b/app/views/budgets/investments/_investment_detail.erb index de1a7be07..3e9098d8f 100644 --- a/app/views/budgets/investments/_investment_detail.erb +++ b/app/views/budgets/investments/_investment_detail.erb @@ -22,7 +22,7 @@ <%= t("budgets.investments.show.code_html", code: investment.id) %>

-<%= safe_html_with_links investment.description %> +<%= auto_link_already_sanitized_html investment.description %> <% if feature?(:map) && map_location_available?(@investment.map_location) %>
@@ -52,7 +52,7 @@ <% if investment.external_url.present? %>
- <%= text_with_links investment.external_url %> + <%= sanitize_and_auto_link investment.external_url %>
<% end %> diff --git a/app/views/budgets/show.html.erb b/app/views/budgets/show.html.erb index 0d1bf5779..4cf4330a1 100644 --- a/app/views/budgets/show.html.erb +++ b/app/views/budgets/show.html.erb @@ -9,7 +9,7 @@

<%= @budget.name %>

- <%= safe_html_with_links(@budget.description) %> + <%= auto_link_already_sanitized_html(@budget.description) %>

diff --git a/app/views/comments/_comment.html.erb b/app/views/comments/_comment.html.erb index 6104d955f..56667f26d 100644 --- a/app/views/comments/_comment.html.erb +++ b/app/views/comments/_comment.html.erb @@ -80,7 +80,7 @@

- <%= simple_format text_with_links(comment.body), {}, sanitize: false %> + <%= simple_format sanitize_and_auto_link(comment.body), {}, sanitize: false %>
diff --git a/app/views/debates/show.html.erb b/app/views/debates/show.html.erb index b8814d75b..113041e63 100644 --- a/app/views/debates/show.html.erb +++ b/app/views/debates/show.html.erb @@ -30,7 +30,7 @@
- <%= safe_html_with_links @debate.description %> + <%= auto_link_already_sanitized_html @debate.description %> <%= render "shared/tags", taggable: @debate %> diff --git a/app/views/direct_messages/show.html.erb b/app/views/direct_messages/show.html.erb index 3757524cc..7a3ce847a 100644 --- a/app/views/direct_messages/show.html.erb +++ b/app/views/direct_messages/show.html.erb @@ -10,6 +10,6 @@

<%= @direct_message.title %>

-

<%= simple_format text_with_links(@direct_message.body), {}, sanitize: false %>

+

<%= simple_format sanitize_and_auto_link(@direct_message.body), {}, sanitize: false %>

diff --git a/app/views/legislation/proposals/show.html.erb b/app/views/legislation/proposals/show.html.erb index d6f44c592..7f21c1506 100644 --- a/app/views/legislation/proposals/show.html.erb +++ b/app/views/legislation/proposals/show.html.erb @@ -68,7 +68,7 @@ <% end %> - <%= safe_html_with_links @proposal.description %> + <%= auto_link_already_sanitized_html @proposal.description %> <% if @proposal.video_url.present? %>
@@ -76,7 +76,7 @@   <%= t("proposals.show.title_video_url") %>

- <%= text_with_links @proposal.video_url %> + <%= sanitize_and_auto_link @proposal.video_url %>
<% end %> diff --git a/app/views/mailer/comment.html.erb b/app/views/mailer/comment.html.erb index bfd576835..c0bd1c8f0 100644 --- a/app/views/mailer/comment.html.erb +++ b/app/views/mailer/comment.html.erb @@ -13,7 +13,7 @@

- <%= text_with_links @comment.body %> + <%= sanitize_and_auto_link @comment.body %>

diff --git a/app/views/mailer/direct_message_for_receiver.html.erb b/app/views/mailer/direct_message_for_receiver.html.erb index 135da4884..0ddd5e30d 100644 --- a/app/views/mailer/direct_message_for_receiver.html.erb +++ b/app/views/mailer/direct_message_for_receiver.html.erb @@ -4,7 +4,7 @@

- <%= simple_format text_with_links(@direct_message.body), {}, sanitize: false %> + <%= simple_format sanitize_and_auto_link(@direct_message.body), {}, sanitize: false %>
diff --git a/app/views/mailer/direct_message_for_sender.html.erb b/app/views/mailer/direct_message_for_sender.html.erb index da7bf7308..89124ab7b 100644 --- a/app/views/mailer/direct_message_for_sender.html.erb +++ b/app/views/mailer/direct_message_for_sender.html.erb @@ -10,6 +10,6 @@
- <%= simple_format text_with_links(@direct_message.body), {}, sanitize: false %> + <%= simple_format sanitize_and_auto_link(@direct_message.body), {}, sanitize: false %>
diff --git a/app/views/mailer/evaluation_comment.html.erb b/app/views/mailer/evaluation_comment.html.erb index 0d695766d..85c842818 100644 --- a/app/views/mailer/evaluation_comment.html.erb +++ b/app/views/mailer/evaluation_comment.html.erb @@ -14,6 +14,6 @@ <%= t("mailers.evaluation_comment.commenter_info", commenter: @email.comment.author.name, time: l(@email.comment.created_at)) %>
- <%= simple_format text_with_links(@email.comment.body), {}, sanitize: false %> + <%= simple_format sanitize_and_auto_link(@email.comment.body), {}, sanitize: false %>
diff --git a/app/views/mailer/newsletter.html.erb b/app/views/mailer/newsletter.html.erb index afc394f10..e77eaa1f0 100644 --- a/app/views/mailer/newsletter.html.erb +++ b/app/views/mailer/newsletter.html.erb @@ -1,5 +1,5 @@ diff --git a/app/views/mailer/reply.html.erb b/app/views/mailer/reply.html.erb index 02478e3ad..d53815249 100644 --- a/app/views/mailer/reply.html.erb +++ b/app/views/mailer/reply.html.erb @@ -13,7 +13,7 @@

- <%= simple_format text_with_links(@email.reply.body), {}, sanitize: false %> + <%= simple_format sanitize_and_auto_link(@email.reply.body), {}, sanitize: false %>

diff --git a/app/views/milestones/_milestone.html.erb b/app/views/milestones/_milestone.html.erb index 2e3ace7fb..6de305b85 100644 --- a/app/views/milestones/_milestone.html.erb +++ b/app/views/milestones/_milestone.html.erb @@ -25,7 +25,7 @@ <%= image_tag(milestone.image_url(:large), { id: "image_#{milestone.id}", alt: milestone.image.title, class: "margin" }) if milestone.image.present? %>

- <%= text_with_links milestone.description %> + <%= sanitize_and_auto_link milestone.description %>

<% if milestone.documents.present? %> diff --git a/app/views/pages/custom_page.html.erb b/app/views/pages/custom_page.html.erb index 58181259d..cdd06f9e0 100644 --- a/app/views/pages/custom_page.html.erb +++ b/app/views/pages/custom_page.html.erb @@ -9,7 +9,7 @@

<%= @custom_page.subtitle %>

<% end %> - <%= safe_html_with_links AdminWYSIWYGSanitizer.new.sanitize(@custom_page.content) %> + <%= auto_link_already_sanitized_html AdminWYSIWYGSanitizer.new.sanitize(@custom_page.content) %> <% if @custom_page.print_content_flag %> diff --git a/app/views/polls/_poll_header.html.erb b/app/views/polls/_poll_header.html.erb index 95a0237b9..b94d03e39 100644 --- a/app/views/polls/_poll_header.html.erb +++ b/app/views/polls/_poll_header.html.erb @@ -9,7 +9,7 @@

<%= @poll.name %>

- <%= safe_html_with_links simple_format(@poll.summary) %> + <%= auto_link_already_sanitized_html simple_format(@poll.summary) %> <% if @poll.geozones.any? %>

- <%= safe_html_with_links WYSIWYGSanitizer.new.sanitize(@newsletter.body) %> + <%= auto_link_already_sanitized_html WYSIWYGSanitizer.new.sanitize(@newsletter.body) %>