Skip to content

O
OHR Support
Commit 026fbb99 authored by Jean-Philippe Lang's avatar Jean-Philippe Lang
Browse files
Options

Escaping in html email templates (#4874). 

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3452 e93f8b46-1217-0410-a6f0-8f06a7374b81
parent d18fba4f
Hide whitespace changes
Inline Side-by-side
Showing with 21 additions and 21 deletions
app/views/mailer/_issue_text_html.rhtml
View file @ 026fbb99
<h1><%= link_to "#{issue.tracker.name} ##{issue.id}: #{issue.subject}", issue_url %></h1>
<h1><%= link_to(h("#{issue.tracker.name} ##{issue.id}: #{issue.subject}"), issue_url) %></h1>
<ul>
<li><%=l(:field_author)%>: <%= issue.author %></li>
<li><%=l(:field_status)%>: <%= issue.status %></li>
<li><%=l(:field_priority)%>: <%= issue.priority %></li>
<li><%=l(:field_assigned_to)%>: <%= issue.assigned_to %></li>
<li><%=l(:field_category)%>: <%= issue.category %></li>
<li><%=l(:field_fixed_version)%>: <%= issue.fixed_version %></li>
<li><%=l(:field_author)%>: <%=h issue.author %></li>
<li><%=l(:field_status)%>: <%=h issue.status %></li>
<li><%=l(:field_priority)%>: <%=h issue.priority %></li>
<li><%=l(:field_assigned_to)%>: <%=h issue.assigned_to %></li>
<li><%=l(:field_category)%>: <%=h issue.category %></li>
<li><%=l(:field_fixed_version)%>: <%=h issue.fixed_version %></li>
<% issue.custom_values.each do |c| %>
<li><%= c.custom_field.name %>: <%= show_value(c) %></li>
<li><%=h c.custom_field.name %>: <%=h show_value(c) %></li>
<% end %>
</ul>
......
app/views/mailer/account_activation_request.text.html.rhtml
View file @ 026fbb99
<p><%= l(:mail_body_account_activation_request, @user.login) %></p>
<p><%= l(:mail_body_account_activation_request, h(@user.login)) %></p>
<p><%= link_to @url, @url %></p>
app/views/mailer/account_information.text.html.rhtml
View file @ 026fbb99
<% if @user.auth_source %>
<p><%= l(:mail_body_account_information_external, @user.auth_source.name) %></p>
<p><%= l(:mail_body_account_information_external, h(@user.auth_source.name)) %></p>
<% else %>
<p><%= l(:mail_body_account_information) %>:</p>
<ul>
<li><%= l(:field_login) %>: <%= @user.login %></li>
<li><%= l(:field_password) %>: <%= @password %></li>
<li><%= l(:field_login) %>: <%=h @user.login %></li>
<li><%= l(:field_password) %>: <%=h @password %></li>
</ul>
<% end %>
......
app/views/mailer/attachments_added.text.html.rhtml
View file @ 026fbb99
<%= link_to @added_to, @added_to_url %><br />
<ul><% @attachments.each do |attachment | %>
<li><%= attachment.filename %></li>
<li><%=h attachment.filename %></li>
<% end %></ul>
app/views/mailer/document_added.text.html.rhtml
View file @ 026fbb99
<%= link_to @document.title, @document_url %> (<%= @document.category.name %>)<br />
<%= link_to(h(@document.title), @document_url) %> (<%=h @document.category.name %>)<br />
<br />
<%= textilizable(@document, :description, :only_path => false) %>
app/views/mailer/issue_add.text.html.rhtml
View file @ 026fbb99
<%= l(:text_issue_added, :id => "##{@issue.id}", :author => @issue.author) %>
<%= l(:text_issue_added, :id => "##{@issue.id}", :author => h(@issue.author)) %>
<hr />
<%= render :partial => "issue_text_html", :locals => { :issue => @issue, :issue_url => @issue_url } %>
app/views/mailer/issue_edit.text.html.rhtml
View file @ 026fbb99
<%= l(:text_issue_updated, :id => "##{@issue.id}", :author => @journal.user) %>
<%= l(:text_issue_updated, :id => "##{@issue.id}", :author => h(@journal.user)) %>
<ul>
<% for detail in @journal.details %>
......
app/views/mailer/lost_password.text.html.rhtml
View file @ 026fbb99
<p><%= l(:mail_body_lost_password) %><br />
<%= auto_link(@url) %></p>
<p><%= l(:field_login) %>: <b><%= @token.user.login %></b></p>
<p><%= l(:field_login) %>: <b><%=h @token.user.login %></b></p>
app/views/mailer/message_posted.text.html.rhtml
View file @ 026fbb99
<h1><%=h @message.board.project.name %> - <%=h @message.board.name %>: <%= link_to @message.subject, @message_url %></h1>
<em><%= @message.author %></em>
<h1><%=h @message.board.project.name %> - <%=h @message.board.name %>: <%= link_to(h(@message.subject), @message_url) %></h1>
<em><%=h @message.author %></em>
<%= textilizable(@message, :content, :only_path => false) %>
app/views/mailer/news_added.text.html.rhtml
View file @ 026fbb99
<h1><%= link_to @news.title, @news_url %></h1>
<em><%= @news.author.name %></em>
<h1><%= link_to(h(@news.title), @news_url) %></h1>
<em><%=h @news.author.name %></em>
<%= textilizable(@news, :description, :only_path => false) %>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment