fixes #1099

2013-09-26 17:21:59 -07:00 · 2013-09-26 17:21:59 -07:00 · 9e45158423
commit 9e45158423
parent 5c55e90810
3 changed files with 8 additions and 2 deletions
--- a/app/logical/d_text.rb
+++ b/app/logical/d_text.rb
@ -244,7 +244,7 @@ class DText
  end

  def self.sanitize(text)
-    text.gsub!(/<( |-|\Z)/, "&lt;\\1")
+    text.gsub!(/<( |-|3|:|>|\Z)/, "&lt;\\1")

    Sanitize.clean(
      text,
--- a/db/structure.sql
+++ b/db/structure.sql
@ -6427,4 +6427,6 @@ INSERT INTO schema_migrations (version) VALUES ('20130618230158');

 INSERT INTO schema_migrations (version) VALUES ('20130620215658');

-INSERT INTO schema_migrations (version) VALUES ('20130712162600');
+INSERT INTO schema_migrations (version) VALUES ('20130712162600');
+
+INSERT INTO schema_migrations (version) VALUES ('20130914175431');
--- a/test/unit/dtext_test.rb
+++ b/test/unit/dtext_test.rb
@ -5,6 +5,10 @@ class DTextTest < ActiveSupport::TestCase
    DText.parse(s)
  end

+  def test_sanitize_heart
+    assert_equal('<p>&lt;3</p>', p("<3"))
+  end
+
  def test_sanitize_less_than
    assert_equal('<p>&lt;</p>', p("<"))
  end