From: Jean-Philippe Lang <jp_lang@yahoo.fr>
Date: Wed, 25 Jan 2017 16:04:51 +0000 (+0000)
Subject: Use #html_safe first.
X-Git-Tag: 3.4.0~358
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=0ac50cc8cc9c528f94ca40020c47dd4d108905d3;p=redmine.git

Use #html_safe first.

git-svn-id: http://svn.redmine.org/redmine/trunk@16256 e93f8b46-1217-0410-a6f0-8f06a7374b81
---

diff --git a/app/helpers/issues_helper.rb b/app/helpers/issues_helper.rb
index 29f469121..a9e1ab1c0 100644
--- a/app/helpers/issues_helper.rb
+++ b/app/helpers/issues_helper.rb
@@ -256,7 +256,7 @@ module IssuesHelper
     values = issue.visible_custom_field_values.select {|value| value.custom_field.full_width_layout?}
     return if values.empty?
 
-    s = ''
+    s = ''.html_safe
     values.each_with_index do |value, i|
       if value.custom_field.text_formatting == 'full'
         attr_value = content_tag('div', show_value(value), class: 'wiki')
@@ -269,7 +269,7 @@ module IssuesHelper
           content_tag('div', attr_value, class: 'value')
       s << content_tag('div', content, class: "cf_#{value.custom_field.id} attribute")
     end
-    s.html_safe
+    s
   end
 
   # Returns the path for updating the issue form