diff options
author | Matthew Draper <matthew@trebex.net> | 2014-06-14 06:29:10 +0930 |
---|---|---|
committer | Matthew Draper <matthew@trebex.net> | 2014-06-14 06:33:21 +0930 |
commit | c28e436aae4a13225d86e00094a5fa72d82fc297 (patch) | |
tree | 44c879652aeac46e3e9df3976093ec28357758dd /actionview/lib/action_view/helpers/url_helper.rb | |
parent | b0f07abbe385463cb03cfc890b85bb8ce3d5ccef (diff) | |
parent | 19af434840802ca0feb39253241917286467a86e (diff) | |
download | rails-c28e436aae4a13225d86e00094a5fa72d82fc297.tar.gz rails-c28e436aae4a13225d86e00094a5fa72d82fc297.tar.bz2 rails-c28e436aae4a13225d86e00094a5fa72d82fc297.zip |
Merge pull request #15693 from pdg137/enforce_utf8
In actionview, eliminate calls to tag that use html_safe parameter values.
Diffstat (limited to 'actionview/lib/action_view/helpers/url_helper.rb')
-rw-r--r-- | actionview/lib/action_view/helpers/url_helper.rb | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/actionview/lib/action_view/helpers/url_helper.rb b/actionview/lib/action_view/helpers/url_helper.rb index 9a9777317a..c3be47133c 100644 --- a/actionview/lib/action_view/helpers/url_helper.rb +++ b/actionview/lib/action_view/helpers/url_helper.rb @@ -462,8 +462,6 @@ module ActionView # <strong>Email me:</strong> <span>me@domain.com</span> # </a> def mail_to(email_address, name = nil, html_options = {}, &block) - email_address = ERB::Util.unwrapped_html_escape(email_address) - html_options, name = name, nil if block_given? html_options = (html_options || {}).stringify_keys @@ -471,11 +469,11 @@ module ActionView option = html_options.delete(item) || next "#{item}=#{Rack::Utils.escape_path(option)}" }.compact - extras = extras.empty? ? '' : '?' + ERB::Util.unwrapped_html_escape(extras.join('&')) + extras = extras.empty? ? '' : '?' + extras.join('&') - html_options["href"] = "mailto:#{email_address}#{extras}".html_safe + html_options["href"] = "mailto:#{email_address}#{extras}" - content_tag(:a, name || email_address.html_safe, html_options, &block) + content_tag(:a, name || email_address, html_options, &block) end # True if the current request URI was generated by the given +options+. |