Rename methods to add auto links to HTML
The name `safe_html_with_links` was confusing and could make you think it takes care of making the HTML safe. So I've renamed it in a way that makes it a bit more intuitive that it expects its input to be already sanitized. I've changed `text_with_links` as well so now the two method names complement each other.
This commit is contained in:
Javi Martín
@@ -1,12 +1,12 @@
|
||||
module TextWithLinksHelper
|
||||
|
||||
def text_with_links(text)
|
||||
def sanitize_and_auto_link(text)
|
||||
return unless text
|
||||
sanitized = sanitize(text, tags: [], attributes: [])
|
||||
Rinku.auto_link(sanitized, :all, 'target="_blank" rel="nofollow"').html_safe
|
||||
end
|
||||
|
||||
def safe_html_with_links(html)
|
||||
def auto_link_already_sanitized_html(html)
|
||||
return if html.nil?
|
||||
html = ActiveSupport::SafeBuffer.new(html) if html.is_a?(String)
|
||||
return html.html_safe unless html.html_safe?
|
||||
|
||||
@@ -14,7 +14,7 @@ module ValuationHelper
|
||||
end
|
||||
|
||||
def explanation_field(field)
|
||||
simple_format_no_tags_no_sanitize(text_with_links(field)) if field.present?
|
||||
simple_format_no_tags_no_sanitize(sanitize_and_auto_link(field)) if field.present?
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
@@ -55,6 +55,6 @@
|
||||
|
||||
<% if @investment.external_url.present? %>
|
||||
<p>
|
||||
<%= text_with_links @investment.external_url %> <span class="icon-external small"></span>
|
||||
<%= sanitize_and_auto_link @investment.external_url %> <span class="icon-external small"></span>
|
||||
</p>
|
||||
<% end %>
|
||||
|
||||
@@ -25,7 +25,7 @@
|
||||
</span>
|
||||
</div>
|
||||
|
||||
<%= safe_html_with_links @debate.description %>
|
||||
<%= auto_link_already_sanitized_html @debate.description %>
|
||||
|
||||
<h3><%= t("votes.supports") %></h3>
|
||||
|
||||
|
||||
@@ -15,7 +15,7 @@
|
||||
<% @comments.each do |comment| %>
|
||||
<tr id="<%= dom_id(comment) %>">
|
||||
<td>
|
||||
<%= text_with_links comment.body %><br>
|
||||
<%= sanitize_and_auto_link comment.body %><br>
|
||||
<% if comment.commentable.hidden? %>
|
||||
(<%= t("admin.hidden_comments.index.hidden_#{comment.commentable_type.downcase}") %>: <%= comment.commentable.title %>)
|
||||
<% else %>
|
||||
|
||||
@@ -23,7 +23,7 @@
|
||||
<p><small><%= proposal.summary %></small></p>
|
||||
<%= proposal.description %>
|
||||
<% if proposal.video_url.present? %>
|
||||
<p><%= text_with_links proposal.video_url %></p>
|
||||
<p><%= sanitize_and_auto_link proposal.video_url %></p>
|
||||
<% end %>
|
||||
</div>
|
||||
</td>
|
||||
|
||||
@@ -30,7 +30,7 @@
|
||||
<% @comments.each do |comment| %>
|
||||
<tr id="<%= dom_id(comment) %>">
|
||||
<td>
|
||||
<%= text_with_links comment.body %>
|
||||
<%= sanitize_and_auto_link comment.body %>
|
||||
</td>
|
||||
</tr>
|
||||
<% end %>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
-
|
||||
<%= l(phase.ends_at.to_date - 1.day, format: :long) if phase.ends_at.present? %>
|
||||
</span>
|
||||
<p><%= safe_html_with_links(WYSIWYGSanitizer.new.sanitize(phase.summary)) %></p>
|
||||
<p><%= auto_link_already_sanitized_html(WYSIWYGSanitizer.new.sanitize(phase.summary)) %></p>
|
||||
</li>
|
||||
<% end %>
|
||||
</ul>
|
||||
|
||||
@@ -15,7 +15,7 @@
|
||||
|
||||
<h1><%= current_budget.name %></h1>
|
||||
<div class="description">
|
||||
<%= safe_html_with_links(current_budget.description) %>
|
||||
<%= auto_link_already_sanitized_html(current_budget.description) %>
|
||||
</div>
|
||||
<p>
|
||||
<%= link_to t("budgets.index.section_header.help"), "#section_help" %>
|
||||
|
||||
@@ -22,7 +22,7 @@
|
||||
<%= t("budgets.investments.show.code_html", code: investment.id) %>
|
||||
</p>
|
||||
|
||||
<%= safe_html_with_links investment.description %>
|
||||
<%= auto_link_already_sanitized_html investment.description %>
|
||||
|
||||
<% if feature?(:map) && map_location_available?(@investment.map_location) %>
|
||||
<div class="margin">
|
||||
@@ -52,7 +52,7 @@
|
||||
|
||||
<% if investment.external_url.present? %>
|
||||
<div class="document-link">
|
||||
<%= text_with_links investment.external_url %>
|
||||
<%= sanitize_and_auto_link investment.external_url %>
|
||||
</div>
|
||||
<% end %>
|
||||
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
|
||||
<h1><%= @budget.name %></h1>
|
||||
|
||||
<%= safe_html_with_links(@budget.description) %>
|
||||
<%= auto_link_already_sanitized_html(@budget.description) %>
|
||||
</div>
|
||||
<div class="small-12 medium-3 column info padding" data-equalizer-watch>
|
||||
<p>
|
||||
|
||||
@@ -80,7 +80,7 @@
|
||||
<div class="comment-user
|
||||
<%= user_level_class comment %>
|
||||
<%= comment_author_class comment, comment.commentable.author_id %>">
|
||||
<%= simple_format text_with_links(comment.body), {}, sanitize: false %>
|
||||
<%= simple_format sanitize_and_auto_link(comment.body), {}, sanitize: false %>
|
||||
</div>
|
||||
|
||||
<div id="<%= dom_id(comment) %>_reply" class="reply">
|
||||
|
||||
@@ -30,7 +30,7 @@
|
||||
</span>
|
||||
</div>
|
||||
|
||||
<%= safe_html_with_links @debate.description %>
|
||||
<%= auto_link_already_sanitized_html @debate.description %>
|
||||
|
||||
<%= render "shared/tags", taggable: @debate %>
|
||||
|
||||
|
||||
@@ -10,6 +10,6 @@
|
||||
</div>
|
||||
|
||||
<h1><%= @direct_message.title %></h1>
|
||||
<p><%= simple_format text_with_links(@direct_message.body), {}, sanitize: false %></p>
|
||||
<p><%= simple_format sanitize_and_auto_link(@direct_message.body), {}, sanitize: false %></p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -68,7 +68,7 @@
|
||||
</div>
|
||||
<% end %>
|
||||
|
||||
<%= safe_html_with_links @proposal.description %>
|
||||
<%= auto_link_already_sanitized_html @proposal.description %>
|
||||
|
||||
<% if @proposal.video_url.present? %>
|
||||
<div class="video-link">
|
||||
@@ -76,7 +76,7 @@
|
||||
<span class="icon-video"></span>
|
||||
<strong><%= t("proposals.show.title_video_url") %></strong>
|
||||
</p>
|
||||
<%= text_with_links @proposal.video_url %>
|
||||
<%= sanitize_and_auto_link @proposal.video_url %>
|
||||
</div>
|
||||
|
||||
<% end %>
|
||||
|
||||
@@ -13,7 +13,7 @@
|
||||
</p>
|
||||
|
||||
<p style="border-left: 2px solid #DEE0E3;font-family: 'Open Sans','Helvetica Neue',arial,sans-serif;font-size: 14px;font-style: italic;font-weight: normal;line-height: 24px;margin-left: 20px;padding: 10px;">
|
||||
<%= text_with_links @comment.body %>
|
||||
<%= sanitize_and_auto_link @comment.body %>
|
||||
</p>
|
||||
|
||||
<p style="font-family: 'Open Sans','Helvetica Neue',arial,sans-serif;font-size: 12px;font-weight: normal;line-height: 20px;">
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
</h1>
|
||||
|
||||
<div style="font-family: 'Open Sans','Helvetica Neue',arial,sans-serif;font-size: 14px;font-weight: normal;line-height: 24px;">
|
||||
<%= simple_format text_with_links(@direct_message.body), {}, sanitize: false %>
|
||||
<%= simple_format sanitize_and_auto_link(@direct_message.body), {}, sanitize: false %>
|
||||
</div>
|
||||
|
||||
<table style="width: 100%; border-top: 1px solid #DEE0E3; margin-top: 60px;">
|
||||
|
||||
@@ -10,6 +10,6 @@
|
||||
</h2>
|
||||
|
||||
<div style="font-family: 'Open Sans','Helvetica Neue',arial,sans-serif;font-size: 14px;font-weight: normal;line-height: 24px;">
|
||||
<%= simple_format text_with_links(@direct_message.body), {}, sanitize: false %>
|
||||
<%= simple_format sanitize_and_auto_link(@direct_message.body), {}, sanitize: false %>
|
||||
</div>
|
||||
</td>
|
||||
|
||||
@@ -14,6 +14,6 @@
|
||||
|
||||
<%= t("mailers.evaluation_comment.commenter_info", commenter: @email.comment.author.name, time: l(@email.comment.created_at)) %>
|
||||
<div style="border-left: 2px solid #DEE0E3;font-family: 'Open Sans','Helvetica Neue',arial,sans-serif;font-size: 14px;font-style: italic;font-weight: normal;line-height: 24px;margin-left: 20px;padding: 10px;">
|
||||
<%= simple_format text_with_links(@email.comment.body), {}, sanitize: false %>
|
||||
<%= simple_format sanitize_and_auto_link(@email.comment.body), {}, sanitize: false %>
|
||||
</div>
|
||||
</td>
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
<td style="padding-bottom: 20px; padding-left: 10px;">
|
||||
<p style="font-family: 'Open Sans','Helvetica Neue',arial,sans-serif;font-size: 14px;line-height: 24px;">
|
||||
<%= safe_html_with_links WYSIWYGSanitizer.new.sanitize(@newsletter.body) %>
|
||||
<%= auto_link_already_sanitized_html WYSIWYGSanitizer.new.sanitize(@newsletter.body) %>
|
||||
</p>
|
||||
</td>
|
||||
|
||||
@@ -13,7 +13,7 @@
|
||||
</p>
|
||||
|
||||
<div style="border-left: 2px solid #DEE0E3;font-family: 'Open Sans','Helvetica Neue',arial,sans-serif;font-size: 14px;font-style: italic;font-weight: normal;line-height: 24px;margin-left: 20px;padding: 10px;">
|
||||
<%= simple_format text_with_links(@email.reply.body), {}, sanitize: false %>
|
||||
<%= simple_format sanitize_and_auto_link(@email.reply.body), {}, sanitize: false %>
|
||||
</div>
|
||||
|
||||
<p style="font-family: 'Open Sans','Helvetica Neue',arial,sans-serif;font-size: 12px;font-weight: normal;line-height: 20px;">
|
||||
|
||||
@@ -25,7 +25,7 @@
|
||||
<%= image_tag(milestone.image_url(:large), { id: "image_#{milestone.id}", alt: milestone.image.title, class: "margin" }) if milestone.image.present? %>
|
||||
|
||||
<p>
|
||||
<%= text_with_links milestone.description %>
|
||||
<%= sanitize_and_auto_link milestone.description %>
|
||||
</p>
|
||||
|
||||
<% if milestone.documents.present? %>
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
<h2><%= @custom_page.subtitle %></h2>
|
||||
<% end %>
|
||||
|
||||
<%= safe_html_with_links AdminWYSIWYGSanitizer.new.sanitize(@custom_page.content) %>
|
||||
<%= auto_link_already_sanitized_html AdminWYSIWYGSanitizer.new.sanitize(@custom_page.content) %>
|
||||
</div>
|
||||
|
||||
<% if @custom_page.print_content_flag %>
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
|
||||
<h1><%= @poll.name %></h1>
|
||||
|
||||
<%= safe_html_with_links simple_format(@poll.summary) %>
|
||||
<%= auto_link_already_sanitized_html simple_format(@poll.summary) %>
|
||||
|
||||
<% if @poll.geozones.any? %>
|
||||
<ul class="no-bullet margin-top tags">
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
<div class="small-12 column">
|
||||
<% if show_polls_description? %>
|
||||
<div class="polls-description">
|
||||
<%= safe_html_with_links WYSIWYGSanitizer.new.sanitize(@active_poll.description) %>
|
||||
<%= auto_link_already_sanitized_html WYSIWYGSanitizer.new.sanitize(@active_poll.description) %>
|
||||
</div>
|
||||
<% end %>
|
||||
|
||||
|
||||
@@ -41,7 +41,7 @@
|
||||
<div class="row margin">
|
||||
<div class="small-12 medium-9 column">
|
||||
<h3><%= t("polls.show.more_info_title") %></h3>
|
||||
<%= safe_html_with_links simple_format(@poll.description) %>
|
||||
<%= auto_link_already_sanitized_html simple_format(@poll.description) %>
|
||||
</div>
|
||||
|
||||
<% if false %>
|
||||
|
||||
@@ -39,7 +39,7 @@
|
||||
</div>
|
||||
<% end %>
|
||||
|
||||
<%= safe_html_with_links @proposal.description %>
|
||||
<%= auto_link_already_sanitized_html @proposal.description %>
|
||||
|
||||
<% if feature?(:map) && map_location_available?(@proposal.map_location) %>
|
||||
<div class="margin">
|
||||
@@ -53,7 +53,7 @@
|
||||
<span class="icon-video"></span>
|
||||
<strong><%= t("proposals.show.title_video_url") %></strong>
|
||||
</p>
|
||||
<%= text_with_links @proposal.video_url %>
|
||||
<%= sanitize_and_auto_link @proposal.video_url %>
|
||||
</div>
|
||||
<% end %>
|
||||
|
||||
@@ -63,7 +63,7 @@
|
||||
<%= t("proposals.show.retired") %>:
|
||||
<%= t("proposals.retire_options.#{@proposal.retired_reason}") unless @proposal.retired_reason == "other" %>
|
||||
</h2>
|
||||
<%= simple_format text_with_links(@proposal.retired_explanation), {}, sanitize: false %>
|
||||
<%= simple_format sanitize_and_auto_link(@proposal.retired_explanation), {}, sanitize: false %>
|
||||
</div>
|
||||
<% end %>
|
||||
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
<div id="<%= dom_id(notification) %>">
|
||||
<h3><%= notification.title %></h3>
|
||||
<p class="more-info"><%= notification.created_at.to_date %></p>
|
||||
<%= simple_format text_with_links(notification.body), {}, sanitize: false %>
|
||||
<%= simple_format sanitize_and_auto_link(notification.body), {}, sanitize: false %>
|
||||
|
||||
<span class="js-flag-actions">
|
||||
<%= render "proposal_notifications/actions", notification: notification %>
|
||||
|
||||
@@ -7,6 +7,6 @@
|
||||
|
||||
<h1><%= @investment.title %></h1>
|
||||
|
||||
<%= safe_html_with_links @investment.description %>
|
||||
<%= auto_link_already_sanitized_html @investment.description %>
|
||||
|
||||
<%= render "tracking/milestones/milestones", milestoneable: @investment %>
|
||||
|
||||
@@ -3,10 +3,10 @@
|
||||
<h2><%= t("tracking.budget_investments.show.title") %> <%= @investment.id %> </h2>
|
||||
<h1><%= @investment.title %></h1>
|
||||
|
||||
<%= safe_html_with_links @investment.description %>
|
||||
<%= auto_link_already_sanitized_html @investment.description %>
|
||||
|
||||
<% if @investment.external_url.present? %>
|
||||
<p><%= text_with_links @investment.external_url %></p>
|
||||
<p><%= sanitize_and_auto_link @investment.external_url %></p>
|
||||
<% end %>
|
||||
|
||||
<h2><%= t("tracking.budget_investments.show.info") %></h2>
|
||||
|
||||
@@ -18,7 +18,7 @@
|
||||
</hr>
|
||||
|
||||
<% if @investment.external_url.present? %>
|
||||
<p><%= text_with_links @investment.external_url %></p>
|
||||
<p><%= sanitize_and_auto_link @investment.external_url %></p>
|
||||
<% end %>
|
||||
|
||||
<hr>
|
||||
|
||||
@@ -12,7 +12,7 @@ namespace :proposals do
|
||||
model.find_each do |resource|
|
||||
if resource.external_url.present?
|
||||
Globalize.with_locale(I18n.default_locale) do
|
||||
new_description = "#{resource.description} <p>#{text_with_links(resource.external_url)}</p>"
|
||||
new_description = "#{resource.description} <p>#{sanitize_and_auto_link(resource.external_url)}</p>"
|
||||
resource.description = new_description
|
||||
resource.external_url = ""
|
||||
resource.updated_at = Time.current
|
||||
|
||||
Reference in New Issue
Block a user