diff options
| author | Go MAEDA <maeda@farend.jp> | 2019-02-11 15:55:31 +0000 |
|---|---|---|
| committer | Go MAEDA <maeda@farend.jp> | 2019-02-11 15:55:31 +0000 |
| commit | cbc34f2c5b3cc0e40144886cc37d5c6c1ec9839e (patch) | |
| tree | 40506577c8bab35b808f6c8bd876cf85fe7e3fe4 /lib | |
| parent | 5f00398004d1a7f5ea3cc4b8f798b7177adbe2ba (diff) | |
| download | redmine-cbc34f2c5b3cc0e40144886cc37d5c6c1ec9839e.tar.gz redmine-cbc34f2c5b3cc0e40144886cc37d5c6c1ec9839e.zip | |
Preview URL in Wiki Toolbar should be escaped (#30758).
Patch by Vincent Robert.
git-svn-id: http://svn.redmine.org/redmine/trunk@17856 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/redmine/wiki_formatting/markdown/helper.rb | 2 | ||||
| -rw-r--r-- | lib/redmine/wiki_formatting/textile/helper.rb | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/lib/redmine/wiki_formatting/markdown/helper.rb b/lib/redmine/wiki_formatting/markdown/helper.rb index fac2f8bf3..fb9f1a939 100644 --- a/lib/redmine/wiki_formatting/markdown/helper.rb +++ b/lib/redmine/wiki_formatting/markdown/helper.rb @@ -22,7 +22,7 @@ module Redmine def wikitoolbar_for(field_id, preview_url = preview_text_path) heads_for_wiki_formatter url = "#{Redmine::Utils.relative_url_root}/help/#{current_language.to_s.downcase}/wiki_syntax_markdown.html" - javascript_tag("var wikiToolbar = new jsToolBar(document.getElementById('#{field_id}')); wikiToolbar.setHelpLink('#{escape_javascript url}'); wikiToolbar.setPreviewUrl('#{preview_url}'); wikiToolbar.draw();") + javascript_tag("var wikiToolbar = new jsToolBar(document.getElementById('#{field_id}')); wikiToolbar.setHelpLink('#{escape_javascript url}'); wikiToolbar.setPreviewUrl('#{escape_javascript preview_url}'); wikiToolbar.draw();") end def initial_page_content(page) diff --git a/lib/redmine/wiki_formatting/textile/helper.rb b/lib/redmine/wiki_formatting/textile/helper.rb index 6e8ba9812..e536a29dc 100644 --- a/lib/redmine/wiki_formatting/textile/helper.rb +++ b/lib/redmine/wiki_formatting/textile/helper.rb @@ -23,7 +23,7 @@ module Redmine heads_for_wiki_formatter # Is there a simple way to link to a public resource? url = "#{Redmine::Utils.relative_url_root}/help/#{current_language.to_s.downcase}/wiki_syntax_textile.html" - javascript_tag("var wikiToolbar = new jsToolBar(document.getElementById('#{field_id}')); wikiToolbar.setHelpLink('#{escape_javascript url}'); wikiToolbar.setPreviewUrl('#{preview_url}'); wikiToolbar.draw();") + javascript_tag("var wikiToolbar = new jsToolBar(document.getElementById('#{field_id}')); wikiToolbar.setHelpLink('#{escape_javascript url}'); wikiToolbar.setPreviewUrl('#{escape_javascript preview_url}'); wikiToolbar.draw();") end def initial_page_content(page) |