Mark translations as html_safe

author: Henare Degan <henare.degan@gmail.com> 2012-12-10 15:50:50 +1100
committer: Henare Degan <henare.degan@gmail.com> 2012-12-11 11:09:39 +1100
commit: 9d0295f1ebb1b8019c59ee48f86668a0e55b39ec (patch)
tree: fd1fd4085c1a555f8b826291bad0a9833146ebd4 /config/initializers/gettext_i18n_rails.rb
parent: b2f28a42f65c473bbf50bb98c2492518e87c10c4 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/config/initializers/gettext_i18n_rails.rb b/config/initializers/gettext_i18n_rails.rb
new file mode 100644
index 000000000..ef306682b
--- /dev/null
+++ b/config/initializers/gettext_i18n_rails.rb
@@ -0,0 +1,3 @@
+# FIXME: Audit the translations for XSS opportunities. Ultimately it would be
+# good to get rid of this and explicitly mark strings as html_safe
+GettextI18nRails.translations_are_html_safe = true
author	Henare Degan <henare.degan@gmail.com>	2012-12-10 15:50:50 +1100
committer	Henare Degan <henare.degan@gmail.com>	2012-12-11 11:09:39 +1100
commit	9d0295f1ebb1b8019c59ee48f86668a0e55b39ec (patch)
tree	fd1fd4085c1a555f8b826291bad0a9833146ebd4 /config/initializers/gettext_i18n_rails.rb
parent	b2f28a42f65c473bbf50bb98c2492518e87c10c4 (diff)