diff options
| author | Eric Davis <edavis@littlestreamsoftware.com> | 2010-06-24 02:35:24 +0000 |
|---|---|---|
| committer | Eric Davis <edavis@littlestreamsoftware.com> | 2010-06-24 02:35:24 +0000 |
| commit | 6eea3300f88a943015979a22d224c3c51799cb45 (patch) | |
| tree | 1c8a4b9be9e6dc9f4e26d8314a8dfb6dac999869 | |
| parent | 68bdbbac7d7d954182837be9afcce9d5aaf5e705 (diff) | |
| download | redmine-6eea3300f88a943015979a22d224c3c51799cb45.tar.gz redmine-6eea3300f88a943015979a22d224c3c51799cb45.zip | |
Sanitize image links and handle nils in the toc formatter. #5445
Based on contribution by Yuki Kita.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3811 e93f8b46-1217-0410-a6f0-8f06a7374b81
| -rw-r--r-- | lib/redmine/wiki_formatting/textile/formatter.rb | 4 | ||||
| -rw-r--r-- | test/unit/helpers/application_helper_test.rb | 6 |
2 files changed, 8 insertions, 2 deletions
diff --git a/lib/redmine/wiki_formatting/textile/formatter.rb b/lib/redmine/wiki_formatting/textile/formatter.rb index abffdbcbf..a622e8039 100644 --- a/lib/redmine/wiki_formatting/textile/formatter.rb +++ b/lib/redmine/wiki_formatting/textile/formatter.rb @@ -67,7 +67,9 @@ module Redmine toc_item = content.gsub(/(\[\[([^\]\|]*)(\|([^\]]*))?\]\])/) { $4 || $2 } # sanitizes titles from links # see redcloth3.rb, same as "#{pre}#{text}#{post}" - toc_item.gsub!(LINK_RE) { $2+$4+$9 } + toc_item.gsub!(LINK_RE) { [$2, $4, $9].join } + # sanitizes image links from titles + toc_item.gsub!(IMAGE_RE) { [$5].join } # removes styles # eg. %{color:red}Triggers% => Triggers toc_item.gsub! %r[%\{[^\}]*\}([^%]+)%], '\\1' diff --git a/test/unit/helpers/application_helper_test.rb b/test/unit/helpers/application_helper_test.rb index 534135ecd..90d342898 100644 --- a/test/unit/helpers/application_helper_test.rb +++ b/test/unit/helpers/application_helper_test.rb @@ -421,6 +421,9 @@ h2. Subtitle with %{color:red}red text% h1. Another title h2. An "Internet link":http://www.redmine.org/ inside subtitle + +h2. "Project Name !/attachments/1234/logo_small.gif! !/attachments/5678/logo_2.png!":/projects/projectname/issues + RAW expected = '<ul class="toc">' + @@ -430,8 +433,9 @@ RAW '<li class="heading2"><a href="#Subtitle-with-red-text">Subtitle with red text</a></li>' + '<li class="heading1"><a href="#Another-title">Another title</a></li>' + '<li class="heading2"><a href="#An-Internet-link-inside-subtitle">An Internet link inside subtitle</a></li>' + + '<li class="heading2"><a href="#Project-Name">Project Name</a></li>' + '</ul>' - + assert textilizable(raw).gsub("\n", "").include?(expected) end |