Diffstat (limited to 'lib/redmine/field_format.rb')
-rw-r--r--lib/redmine/field_format.rb12
1 files changed, 7 insertions, 5 deletions
diff --git a/lib/redmine/field_format.rb b/lib/redmine/field_format.rb
index 5068667e1..759a4a2b0 100644
--- a/lib/redmine/field_format.rb
+++ b/lib/redmine/field_format.rb
@@ -255,15 +255,18 @@ module Redmine
[text, url]
end
links = texts_and_urls.sort_by(&:first).map do |text, url|
- css_class = (/^https?:\/\//.match?(url)) ? 'external' : nil
- view.link_to_if uri_with_safe_scheme?(url), text, url, :class => css_class
+ view.link_to text, url
end
- links.join(', ').html_safe
+ sanitize_html links.join(', ')
else
casted
end
end
+ def sanitize_html(html)
+ Redmine::WikiFormatting::HtmlSanitizer.call(html).html_safe
+ end
+
# Returns an URL generated with the custom field URL pattern
# and variables substitution:
# %value% => the custom field value
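Review bot: With `link_to_if uri_with_safe_scheme?(url)` replaced by `view.link_to text, url`, the only thing keeping a custom-field value or URL pattern with a `javascript:` or `data:` scheme out of a rendered `href` is `Redmine::WikiFormatting::HtmlSanitizer`, whose rules are not visible in this diff. If `uri_with_safe_scheme?` is still defined, keeping it as a second layer costs one line, `view.link_to_if uri_with_safe_scheme?(url), text, url`. The second hunk's `sanitize_html view.link_to(value.to_s.truncate(40), url)` relies on the same sanitizer, so a regression test feeding both paths an unsafe-scheme URL would pin the behaviour. `sanitize_html` returns an `html_safe` string and has no comment; something like `# Runs helper-built markup through HtmlSanitizer and marks the result html_safe; callers depend on it to drop unsafe URL schemes.` would state that contract. The enclosing methods start outside both hunks.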
@@ -463,8 +466,7 @@ module Redmine
url = "http://" + url
end
end
- css_class = (/^https?:\/\//.match?(url)) ? 'external' : nil
- view.link_to value.to_s.truncate(40), url, :class => css_class
+ sanitize_html view.link_to(value.to_s.truncate(40), url)
else
value.to_s
end