Use raw instead of html_safe

They do the exact same thing; however `html_safe` might confuse
developers into thinking it will make the HTML safe. Using `raw` makes
it clear that we're inserting the text without escaping it.

app/helpers/text_with_links_helper.rb

@@ -10,7 +10,7 @@ module TextWithLinksHelper
     return if html.nil?
     raise "Could not add links because the content is not safe" unless html.html_safe?
 
-    Rinku.auto_link(html, :all, 'target="_blank" rel="nofollow"').html_safe
+    raw Rinku.auto_link(html, :all, 'target="_blank" rel="nofollow"')
   end
 
   def simple_format_no_tags_no_sanitize(html)

app/views/admin/site_customization/content_blocks/index.html.erb

@@ -32,7 +32,7 @@
     <% @content_blocks.each do |content_block| %>
       <tr id="<%= dom_id(content_block) %>">
         <td><%= link_to "#{content_block.name} (#{content_block.locale})", edit_admin_site_customization_content_block_path(content_block) %></td>
-        <td><%= content_block.body.html_safe %></td>
+        <td><%= raw content_block.body %></td>
         <td>
           <%= link_to t("admin.site_customization.content_blocks.index.delete"),
                         admin_site_customization_content_block_path(content_block),
@@ -43,7 +43,7 @@
     <% @headings_content_blocks.each do |content_block| %>
       <tr id="<%= dom_id(content_block) %>">
         <td><%= link_to "#{content_block.heading.name} (#{content_block.locale})", admin_site_customization_edit_heading_content_block_path(content_block) %></td>
-        <td><%= content_block.body.html_safe %></td>
+        <td><%= raw content_block.body %></td>
         <td>
           <%= link_to t("admin.site_customization.content_blocks.index.delete"),
                         admin_site_customization_delete_heading_content_block_path(content_block.id),

app/views/comments/_form.html.erb

@@ -1,7 +1,7 @@
 <% valuation = local_assigns.fetch(:valuation, false) %>
 <% cache [locale_and_user_status, parent_id, commentable_cache_key(commentable), valuation] do %>
   <% css_id = parent_or_commentable_dom_id(parent_id, commentable) %>
-  <div id="js-comment-form-<%= css_id %>" <%= "style='display:none'".html_safe if toggeable %> class="comment-form">
+  <div id="js-comment-form-<%= css_id %>" <%= raw("style='display:none'") if toggeable %> class="comment-form">
     <%= form_for Comment.new, remote: true do |f| %>
       <%= f.text_area :body,
         id: "comment-body-#{css_id}",

app/views/layouts/application.html.erb

@@ -11,10 +11,10 @@
                      type: "image/png" %>
     <%= content_for :social_media_meta_tags %>
 
-    <%= setting["html.per_page_code_head"].try(:html_safe) %>
+    <%= raw setting["html.per_page_code_head"] %>
   </head>
   <body class="<%= yield (:body_class) %>">
-    <%= setting["html.per_page_code_body"].try(:html_safe) %>
+    <%= raw setting["html.per_page_code_body"] %>
 
     <h1 class="show-for-sr"><%= setting["org_name"] %></h1>
 

app/views/layouts/dashboard.html.erb

@@ -18,10 +18,10 @@
                      type: "image/png" %>
     <%= content_for :social_media_meta_tags %>
 
-    <%= setting["per_page_code_head"].try(:html_safe) %>
+    <%= raw setting["per_page_code_head"] %>
   </head>
   <body class="proposal-dashboard">
-    <%= setting["per_page_code_body"].try(:html_safe) %>
+    <%= raw setting["per_page_code_body"] %>
 
     <h1 class="show-for-sr"><%= setting["org_name"] %></h1>
 

app/views/layouts/devise.html.erb

@@ -3,11 +3,11 @@
   <head>
     <%= render "layouts/common_head", default_title: "Gobierno abierto" %>
     <%= render "layouts/meta_tags" %>
-    <%= setting["html.per_page_code_head"].try(:html_safe) %>
+    <%= raw setting["html.per_page_code_head"] %>
   </head>
 
   <body class="auth-page">
-    <%= setting["html.per_page_code_body"].try(:html_safe) %>
+    <%= raw setting["html.per_page_code_body"] %>
     <div class="wrapper">
       <div class="auth-image small-12 medium-3 column">
         <h1 class="logo margin">

app/views/layouts/proposals_dashboard.html.erb

@@ -18,10 +18,10 @@
                      type: "image/png" %>
     <%= content_for :social_media_meta_tags %>
 
-    <%= setting["per_page_code_head"].try(:html_safe) %>
+    <%= raw setting["per_page_code_head"] %>
   </head>
   <body class="proposal-dashboard">
-    <%= setting["per_page_code_body"].try(:html_safe) %>
+    <%= raw setting["per_page_code_body"] %>
 
     <h1 class="show-for-sr"><%= setting["org_name"] %></h1>