]> git.openstreetmap.org Git - rails.git/blobdiff - app/views/diary_entries/_diary_entry.html.erb
Fix the CrossSiteScripting warnings from Brakeman
[rails.git] / app / views / diary_entries / _diary_entry.html.erb
index ef983ebde5b511f8a8d2ab57675cccdf5ee57b0f..48df5d18e06a974c4cfc6d124b353161d4f25799 100644 (file)
@@ -1,13 +1,13 @@
-<div class='diary_post<%= " deemphasize" unless diary_entry.visible %> user_<%= diary_entry.user.id %>'>
+<div class='diary_post<%= " text-muted px-3 deleted" unless diary_entry.visible %> user_<%= diary_entry.user.id %>'>
   <div class='post_heading clearfix'>
     <% if !@user %>
       <%= user_thumbnail diary_entry.user %>
     <% end %>
 
-    <h2><%= link_to h(diary_entry.title), diary_entry_path(diary_entry.user, diary_entry) %></h2>
+    <h2><%= link_to diary_entry.title, diary_entry_path(diary_entry.user, diary_entry) %></h2>
 
-    <small class='deemphasize'>
-      <%= raw(t(".posted_by", :link_user => (link_to h(diary_entry.user.display_name), user_path(diary_entry.user)), :created => l(diary_entry.created_at, :format => :blog), :language_link => (link_to h(diary_entry.language.name), :controller => "diary_entries", :action => "index", :display_name => nil, :language => diary_entry.language_code))) %>
+    <small class='text-muted'>
+      <%= t(".posted_by_html", :link_user => (link_to diary_entry.user.display_name, user_path(diary_entry.user)), :created => l(diary_entry.created_at, :format => :blog), :language_link => (link_to diary_entry.language.name, :controller => "diary_entries", :action => "index", :display_name => nil, :language => diary_entry.language_code)) %>
     </small>
 
   </div>