mail_to with :encode => :javascript now outputs safe html

Signed-off-by: Carl Lerche <carllerche@mac.com>
author: Sam Elliott <sam@lenary.co.uk> 2010-04-16 23:24:57 +0100
committer: Carl Lerche <carllerche@mac.com> 2010-04-16 15:53:55 -0700
commit: c16c248912e4ae3b6a64e6acdbf1a1e0dd2feb26 (patch)
tree: 5f021a613464f19150f818422efe9fbdee614361 /actionpack/lib/action_view/helpers
parent: ac015b1d07241f9702af41b079d27985c9b9a20f (diff)
download: rails-c16c248912e4ae3b6a64e6acdbf1a1e0dd2feb26.tar.gz
rails-c16c248912e4ae3b6a64e6acdbf1a1e0dd2feb26.tar.bz2
rails-c16c248912e4ae3b6a64e6acdbf1a1e0dd2feb26.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_view/helpers/url_helper.rb b/actionpack/lib/action_view/helpers/url_helper.rb
index 0b748d700b..4ffc5ea127 100644
--- a/actionpack/lib/action_view/helpers/url_helper.rb
+++ b/actionpack/lib/action_view/helpers/url_helper.rb
@@ -504,7 +504,7 @@ module ActionView
           "document.write('#{content_tag("a", name || email_address_obfuscated.html_safe, html_options.merge({ "href" => "mailto:"+email_address+extras }))}');".each_byte do |c|
             string << sprintf("%%%x", c)
           end
-          "<script type=\"#{Mime::JS}\">eval(decodeURIComponent('#{string}'))</script>"
+          "<script type=\"#{Mime::JS}\">eval(decodeURIComponent('#{string}'))</script>".html_safe
         elsif encode == "hex"
           email_address_encoded = ''
           email_address_obfuscated.each_byte do |c|
author	Sam Elliott <sam@lenary.co.uk>	2010-04-16 23:24:57 +0100
committer	Carl Lerche <carllerche@mac.com>	2010-04-16 15:53:55 -0700
commit	c16c248912e4ae3b6a64e6acdbf1a1e0dd2feb26 (patch)
tree	5f021a613464f19150f818422efe9fbdee614361 /actionpack/lib/action_view/helpers
parent	ac015b1d07241f9702af41b079d27985c9b9a20f (diff)
download	rails-c16c248912e4ae3b6a64e6acdbf1a1e0dd2feb26.tar.gz rails-c16c248912e4ae3b6a64e6acdbf1a1e0dd2feb26.tar.bz2 rails-c16c248912e4ae3b6a64e6acdbf1a1e0dd2feb26.zip