Only mark email_subject_request as HTML safe when used in email subject.

It's also used in the web interface and needs to be escaped there.
author: Louise Crow <louise.crow@gmail.com> 2014-11-03 10:24:40 +0000
committer: Louise Crow <louise.crow@gmail.com> 2014-12-12 17:53:34 +0000
commit: 39d7c598161b6b1577ef6d18de7d13e68fa5706f (patch)
tree: 111078750a90bfa6b34c9de583b67a03a5bc61a8 /app/models/info_request.rb
parent: 64e636fee3651f5f6c9d3e34bd1260d546e11ce7 (diff)
1 files changed, 9 insertions, 4 deletions
diff --git a/app/models/info_request.rb b/app/models/info_request.rb
index d0052603a..dcd16878b 100644
--- a/app/models/info_request.rb
+++ b/app/models/info_request.rb
@@ -292,13 +292,18 @@ public
     end
 
     # Subject lines for emails about the request
-    def email_subject_request
-        _('{{law_used_full}} request - {{title}}',:law_used_full=>self.law_used_full,:title=>self.title.html_safe)
+    def email_subject_request(opts = {})
+        html = opts.fetch(:html, true)
+        _('{{law_used_full}} request - {{title}}',
+            :law_used_full => self.law_used_full,
+            :title => (html ? title : title.html_safe))
     end
 
-    def email_subject_followup(incoming_message = nil)
+    def email_subject_followup(opts = {})
+        incoming_message = opts.fetch(:incoming_message, nil)
+        html = opts.fetch(:html, true)
         if incoming_message.nil? || !incoming_message.valid_to_reply_to? || !incoming_message.subject
-            'Re: ' + self.email_subject_request
+            'Re: ' + self.email_subject_request(:html => html)
         else
             if incoming_message.subject.match(/^Re:/i)
                 incoming_message.subject
author	Louise Crow <louise.crow@gmail.com>	2014-11-03 10:24:40 +0000
committer	Louise Crow <louise.crow@gmail.com>	2014-12-12 17:53:34 +0000
commit	39d7c598161b6b1577ef6d18de7d13e68fa5706f (patch)
tree	111078750a90bfa6b34c9de583b67a03a5bc61a8 /app/models/info_request.rb
parent	64e636fee3651f5f6c9d3e34bd1260d546e11ce7 (diff)