Javi Martín 8b73cfc019 Sanitize annotation context before displaying it ...

There's a case where we would face a Cross-Site Scripting attack. An
attacker could use the browser's developer tools to add (on their
browser) a `<code>` tag with a `<script>` tag inside in the text of the
draft version. After doing so, commenting on that text would result in
the attacker's JavaScript being executed.

2019-10-08 18:46:20 +02:00

..

controllers

Add and apply Style/BlockDelimiters rubocop rule

2019-10-05 14:44:14 +02:00

factories

Remove unused block arguments

2019-10-05 15:03:26 +02:00

features

Sanitize annotation context before displaying it

2019-10-08 18:46:20 +02:00

fixtures/files

Add local_census_records importation model

2019-07-29 13:07:24 +02:00

helpers

Simplify testing arrays exact contents

2019-09-29 23:24:53 +02:00

lib

Add and apply ParenthesesAsGroupedExpression rule

2019-10-05 15:03:26 +02:00

mailers

Add and apply Style/BlockDelimiters rubocop rule

2019-10-05 14:44:14 +02:00

models

Split Poll::Booth.search in two methods

2019-10-07 14:30:39 +02:00

requests/dashboard

Remove unused variables

2019-09-29 22:31:13 +02:00

shared

Remove unused block arguments

2019-10-05 15:03:26 +02:00

support

Use the same key for "signin" and "signup" texts

2019-10-05 14:07:23 +02:00

views/welcome

Add rubocop spacing rules

2019-09-10 21:04:56 +02:00

customization_engine_spec.rb

Change single quotes to double quotes

2019-02-15 11:40:39 +01:00

i18n_spec.rb

Add rubocop spacing rules

2019-09-10 21:04:56 +02:00

rails_helper.rb

Merge pull request #3537 from PierreMesure/set-locales-in-test-environment

2019-09-11 18:43:03 +02:00

sessions_helper.rb

use Capybara.using_session method for multiple browsers specs

2018-12-02 18:12:30 +01:00

spec_helper.rb

Let Globalize use I18n locale

2019-09-23 18:01:44 +02:00