Modified: trunk/vendor/plugins/white_list/lib/white_list_helper.rb (2042 => 2043)
--- trunk/vendor/plugins/white_list/lib/white_list_helper.rb 2009-01-09 13:23:07 UTC (rev 2042)
+++ trunk/vendor/plugins/white_list/lib/white_list_helper.rb 2009-01-09 14:07:57 UTC (rev 2043)
@@ -68,7 +68,7 @@
if !attrs.include?(attr_name) || (protocol_attributes.include?(attr_name) && contains_bad_protocols?(value))
node.attributes.delete(attr_name)
else
- node.attributes[attr_name] = CGI::escapeHTML(value)
+ node.attributes[attr_name] = value
end
end if node.attributes
if tags.include?(node.name)
@@ -94,4 +94,4 @@
WhiteListHelper.bad_tags = %w(script div span fieldset legend style)
WhiteListHelper.tags = %w(strong em b i u p code pre tt output samp kbd var sub sup dfn cite big small address hr br h1 h2 h3 h4 h5 h6 ul ol li dt dd abbr acronym a img blockquote del ins)
WhiteListHelper.attributes = %w(href src width height alt cite datetime title class style)
-WhiteListHelper.protocols = %w(ed2k ftp http https irc mailto news gopher nntp telnet webcal xmpp callto feed)
\ No newline at end of file
+WhiteListHelper.protocols = %w(ed2k ftp http https irc mailto news gopher nntp telnet webcal xmpp callto feed)
Modified: trunk/vendor/plugins/white_list_formatted_content/init.rb (2042 => 2043)
--- trunk/vendor/plugins/white_list_formatted_content/init.rb 2009-01-09 13:23:07 UTC (rev 2042)
+++ trunk/vendor/plugins/white_list_formatted_content/init.rb 2009-01-09 14:07:57 UTC (rev 2043)
@@ -20,6 +20,6 @@
def body_html_with_formatting
body_html = auto_link body { |text| truncate(text, 50) }
- white_list(RedCloth.new(body_html).to_html)
+ white_list(body_html)
end
-end
\ No newline at end of file
+end