6b1864fbcd
Using the `_html` suffix in an i18n key is the same as using `html_safe` on it, which means that translation could potentially be used for XSS attacks.
18 lines
602 B
Plaintext
18 lines
602 B
Plaintext
<% if resource.errors.any? %>
|
|
<div id="error_explanation" data-alert class="callout alert" data-closable>
|
|
<button class="close-button" aria-label="<%= t("application.close") %>" type="button" data-close>
|
|
<span aria-hidden="true">×</span>
|
|
</button>
|
|
|
|
<strong>
|
|
<%= pluralize resource.errors.count, t("form.error"), t("form.errors") %>
|
|
|
|
<% if local_assigns[:message].present? %>
|
|
<%= message %>
|
|
<% else %>
|
|
<%= sanitize(t("form.not_saved", resource: t("form.#{resource.class.to_s.underscore}"))) %>
|
|
<% end %>
|
|
</strong>
|
|
</div>
|
|
<% end %>
|