This allows us to enable output safety checks for all code within
erb files.
`rubocop --auto-gen-config` ignores code within the erb files, so
it is easier to maintain an exclusion on the helper than inside
the layout.
Enabled: false
Naming/FileName:
Enabled: false
Enabled: false
Naming/FileName:
Enabled: false
- Rails/OutputSafety:
- Enabled: false
Style/FrozenStringLiteralComment:
Enabled: false
SelfClosingTag:
Style/FrozenStringLiteralComment:
Enabled: false
SelfClosingTag:
Rails/OutputSafety:
Exclude:
- 'app/helpers/application_helper.rb'
Rails/OutputSafety:
Exclude:
- 'app/helpers/application_helper.rb'
+ - 'app/helpers/user_mailer_helper.rb'
- 'lib/rich_text.rb'
- 'test/helpers/application_helper_test.rb'
- 'lib/rich_text.rb'
- 'test/helpers/application_helper_test.rb'
# Because we can't use stylesheets in HTML emails, we need to inline the
# styles. Rather than copy-paste the same string of CSS into every message,
# we apply it once here, after the message has been composed.
# Because we can't use stylesheets in HTML emails, we need to inline the
# styles. Rather than copy-paste the same string of CSS into every message,
# we apply it once here, after the message has been composed.
- html.gsub("<p>", '<p style="color: black; margin: 0.75em 0; font-family: \'Helvetica Neue\', Arial, Sans-Serif">')
+ html.gsub("<p>", '<p style="color: black; margin: 0.75em 0; font-family: \'Helvetica Neue\', Arial, Sans-Serif">').html_safe
<table style="background-color: #fff; color: #222; border: solid 1px #ccc; border-collapse: separate">
<tr>
<td style="text-align: <%= style_left %>; padding: 0px 15px 5px 15px">
<table style="background-color: #fff; color: #222; border: solid 1px #ccc; border-collapse: separate">
<tr>
<td style="text-align: <%= style_left %>; padding: 0px 15px 5px 15px">
- <%= raw style_message(yield) %>
+ <%= style_message(yield) %>