Allow html in email agents, proected by sanitize
Dominik Sander
1 fichiers modifiés avec 3 ajouts et 3 suppressions
+ 3
- 3
app/views/system_mailer/send_message.html.erb
@@ -5,14 +5,14 @@ |
||
| 5 | 5 |
</head> |
| 6 | 6 |
<body> |
| 7 | 7 |
<% if @headline %> |
| 8 |
- <h1><%= @headline %></h1> |
|
| 8 |
+ <h1><%= sanitize @headline %></h1> |
|
| 9 | 9 |
<% end %> |
| 10 | 10 |
<% @groups.each do |group| %> |
| 11 | 11 |
<div style='margin-bottom: 10px;'> |
| 12 |
- <div><%= group[:title] %></div> |
|
| 12 |
+ <div><%= sanitize group[:title] %></div> |
|
| 13 | 13 |
<% group[:entries].each do |entry| %> |
| 14 | 14 |
<div style='margin-left: 10px;'> |
| 15 |
- <%= entry %> |
|
| 15 |
+ <%= sanitize entry %> |
|
| 16 | 16 |
</div> |
| 17 | 17 |
<% end %> |
| 18 | 18 |
</div> |