Sanitize glm helper

2012-09-01 23:35:04 +03:00 · 2012-09-01 23:35:04 +03:00 · beb5e1bd6b
parent adeeae9f73
commit beb5e1bd6b
3 changed files with 8 additions and 3 deletions
--- a/app/assets/stylesheets/sections/notes.scss
+++ b/app/assets/stylesheets/sections/notes.scss
@ -31,7 +31,7 @@

 #new_note {
  .note-text {
-    height:25px;
+    height:40px;
  }
  .attach_holder {
    display:none;
@ -212,3 +212,8 @@ td .line_note_link {
    }
  }
 }
+
+.note-text { 
+  border: 1px solid #aaa;
+  box-shadow:none;
+}
--- a/app/helpers/gitlab_markdown_helper.rb
+++ b/app/helpers/gitlab_markdown_helper.rb
@ -31,7 +31,7 @@ module GitlabMarkdownHelper
      extractions[$1]
    end

-    text.html_safe
+    sanitize text.html_safe
  end

  # Use this in places where you would normally use link_to(gfm(...), ...).
--- a/app/views/notes/_per_line_form.html.haml
+++ b/app/views/notes/_per_line_form.html.haml
@ -16,7 +16,7 @@
            = f.text_area :note,  size: 255, class: 'line-note-text'
            .note_actions
              .buttons
-                = f.submit 'Add note', class: "btn primary submit_note submit_inline_note", id: "submit_note"
+                = f.submit 'Add note', class: "btn save-btn submit_note submit_inline_note", id: "submit_note"
                = link_to "Cancel", "#", class: "btn hide-button"
              .options
                %h6.left Notify via email: