Ensure simple_format escapes its html attributes

The previous behavior equated the sanitize option for simple_format with the escape option of content_tag, however these are two distinct concepts. This fixes CVE-2013-6416 Conflicts: actionview/lib/action_view/helpers/text_helper.rb
author: Michael Koziarski <michael@koziarski.com> 2013-11-19 09:00:08 +1300
committer: Aaron Patterson <aaron.patterson@gmail.com> 2013-12-02 16:42:07 -0800
commit: bea9c9b4c0f9bb7356ea2058118fe40495432010 (patch)
tree: 477cc678a86d5d6b04807f12b9ea3cf1eb9136ff /actionview/lib/action_view
parent: b31a7a6f1ec3c74f75b4cd12386b08295287418d (diff)
download: rails-bea9c9b4c0f9bb7356ea2058118fe40495432010.tar.gz
rails-bea9c9b4c0f9bb7356ea2058118fe40495432010.tar.bz2
rails-bea9c9b4c0f9bb7356ea2058118fe40495432010.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/actionview/lib/action_view/helpers/text_helper.rb b/actionview/lib/action_view/helpers/text_helper.rb
index b0e4aa3cd3..0c956670b6 100644
--- a/actionview/lib/action_view/helpers/text_helper.rb
+++ b/actionview/lib/action_view/helpers/text_helper.rb
@@ -268,7 +268,7 @@ module ActionView
           content_tag(wrapper_tag, nil, html_options)
         else
           paragraphs.map! { |paragraph|
-            content_tag(wrapper_tag, paragraph, html_options, false)
+            content_tag(wrapper_tag, raw(paragraph), html_options, false)
           }.join("\n\n").html_safe
         end
       end
author	Michael Koziarski <michael@koziarski.com>	2013-11-19 09:00:08 +1300
committer	Aaron Patterson <aaron.patterson@gmail.com>	2013-12-02 16:42:07 -0800
commit	bea9c9b4c0f9bb7356ea2058118fe40495432010 (patch)
tree	477cc678a86d5d6b04807f12b9ea3cf1eb9136ff /actionview/lib/action_view
parent	b31a7a6f1ec3c74f75b4cd12386b08295287418d (diff)
download	rails-bea9c9b4c0f9bb7356ea2058118fe40495432010.tar.gz rails-bea9c9b4c0f9bb7356ea2058118fe40495432010.tar.bz2 rails-bea9c9b4c0f9bb7356ea2058118fe40495432010.zip