authorJean-Philippe Lang <jp_lang@yahoo.fr>2013-05-31 20:47:38 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2013-05-31 20:47:38 +0000
commit5a90b6d0b52cbe419ba2f6d3f7f693beecd4d5d0 (patch)
tree35f2e807912bedcd9a75b56c6c7502f9b2aeeadd
parentbc75b155463318adc2dd1c811414624d3338f1f3 (diff)
Fixed that project name is not properly escaped in issue filters (#14186).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11915 e93f8b46-1217-0410-a6f0-8f06a7374b81
-rw-r--r--app/views/queries/_filters.html.erb2
-rw-r--r--test/unit/helpers/application_helper_test.rb10
2 files changed, 11 insertions, 1 deletions
diff --git a/app/views/queries/_filters.html.erb b/app/views/queries/_filters.html.erb
index 795f8075f..ba5d2dbae 100644
--- a/app/views/queries/_filters.html.erb
+++ b/app/views/queries/_filters.html.erb
@@ -3,7 +3,7 @@ var operatorLabels = <%= raw_json Query.operators_labels %>;
var operatorByType = <%= raw_json Query.operators_by_filter_type %>;
var availableFilters = <%= raw_json query.available_filters_as_json %>;
var labelDayPlural = <%= raw_json l(:label_day_plural) %>;
-var allProjects = <%= raw query.all_projects_values.to_json %>;
+var allProjects = <%= raw_json query.all_projects_values %>;
$(document).ready(function(){
initFilters();
<% query.filters.each do |field, options| %>
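Review bot: Nothing in this commit exercises the view itself. The added tests call `raw_json` directly, so a later edit that puts `raw ... to_json` back on the `allProjects` line would not fail any test. A functional test that renders the issue filters with a project whose name contains `</script>`, and asserts that the literal sequence is absent from the response body, would pin the fix at the point where the value reaches the page. A short ERB comment above the assignments would also help, for example `<%# every value in this script block must go through raw_json, never raw + to_json %>`. The script block begins before the hunk and continues after it.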
diff --git a/test/unit/helpers/application_helper_test.rb b/test/unit/helpers/application_helper_test.rb
index d4b030d0a..18d0372c3 100644
--- a/test/unit/helpers/application_helper_test.rb
+++ b/test/unit/helpers/application_helper_test.rb
@@ -1219,4 +1219,14 @@ RAW
def test_javascript_include_tag_for_plugin_should_pick_the_plugin_javascript
assert_match 'src="/plugin_assets/foo/javascripts/scripts.js"', javascript_include_tag("scripts", :plugin => :foo)
end
+
+ def test_raw_json_should_escape_closing_tags
+ s = raw_json(["<foo>bar</foo>"])
+ assert_equal '["<foo>bar<\/foo>"]', s
+ end
+
+ def test_raw_json_should_be_html_safe
+ s = raw_json(["foo"])
+ assert s.html_safe?
+ end
end
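Review bot: The expected string in `test_raw_json_should_escape_closing_tags` leaves `<foo>` untouched, which suggests that `raw_json` rewrites only `</`; its body is not part of this diff. Inside an inline script block, `<!--` followed by `<script` also changes where the HTML parser considers the block to end, so escaping only closing tags may not cover every value that can reach these assignments. Consider having the helper emit `\u003c`, `\u003e` and `\u0026` for `<`, `>` and `&`, and pinning that with an assertion such as `assert_no_match(/</, raw_json(["<!--<script>"]))`. The test class starts outside the hunk.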