aboutsummaryrefslogtreecommitdiffstats
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/controllers/services_controller.rb2
-rw-r--r--app/models/foi_attachment.rb2
-rw-r--r--app/models/incoming_message.rb1
-rw-r--r--app/models/info_request.rb4
-rw-r--r--app/models/public_body.rb2
-rw-r--r--app/models/track_thing.rb4
-rw-r--r--app/views/admin_public_body/import_csv.rhtml2
-rw-r--r--app/views/admin_public_body/show.rhtml2
-rw-r--r--app/views/layouts/contact_mailer.rhtml2
-rw-r--r--app/views/layouts/outgoing_mailer.rhtml2
-rw-r--r--app/views/layouts/request_mailer.rhtml2
-rw-r--r--app/views/layouts/user_mailer.rhtml2
-rw-r--r--app/views/track_mailer/event_digest.rhtml2
13 files changed, 16 insertions, 13 deletions
diff --git a/app/controllers/services_controller.rb b/app/controllers/services_controller.rb
index 38bf51772..1db5348c7 100644
--- a/app/controllers/services_controller.rb
+++ b/app/controllers/services_controller.rb
@@ -25,7 +25,7 @@ class ServicesController < ApplicationController
end
end
if !text.empty?
- text += ' <span class="close-button">X</span>'
+ text += ' <span class="close-button">X</span>'.html_safe
end
render :text => text, :content_type => "text/plain" # XXX workaround the HTML validation in test suite
end
diff --git a/app/models/foi_attachment.rb b/app/models/foi_attachment.rb
index 2f8a9ab04..723bc4abb 100644
--- a/app/models/foi_attachment.rb
+++ b/app/models/foi_attachment.rb
@@ -219,7 +219,7 @@ class FoiAttachment < ActiveRecord::Base
def ensure_filename!
- if self.filename.nil?
+ if self.filename.blank?
calc_ext = AlaveteliFileTypes.mimetype_to_extension(self.content_type)
if !calc_ext
calc_ext = "bin"
diff --git a/app/models/incoming_message.rb b/app/models/incoming_message.rb
index a3fb973bb..f70b8c0cb 100644
--- a/app/models/incoming_message.rb
+++ b/app/models/incoming_message.rb
@@ -284,6 +284,7 @@ class IncomingMessage < ActiveRecord::Base
# Lotus notes quoting yeuch!
def remove_lotus_quoting(text, replacement = "FOLDED_QUOTED_SECTION")
text = text.dup
+ return text if self.info_request.user_name.nil?
name = Regexp.escape(self.info_request.user_name)
# To end of message sections
diff --git a/app/models/info_request.rb b/app/models/info_request.rb
index 08b331c26..c85a9701d 100644
--- a/app/models/info_request.rb
+++ b/app/models/info_request.rb
@@ -266,9 +266,9 @@ public
# into some sort of separate jurisdiction dependent file
if self.public_body.url_name == 'general_register_office'
# without GQ in the subject, you just get an auto response
- _('{{law_used_full}} request GQ - {{title}}',:law_used_full=>self.law_used_full,:title=>self.title)
+ _('{{law_used_full}} request GQ - {{title}}',:law_used_full=>self.law_used_full,:title=>self.title.html_safe)
else
- _('{{law_used_full}} request - {{title}}',:law_used_full=>self.law_used_full,:title=>self.title)
+ _('{{law_used_full}} request - {{title}}',:law_used_full=>self.law_used_full,:title=>self.title.html_safe)
end
end
def email_subject_followup(incoming_message = nil)
diff --git a/app/models/public_body.rb b/app/models/public_body.rb
index 7e0f6a5d6..5084ad6e8 100644
--- a/app/models/public_body.rb
+++ b/app/models/public_body.rb
@@ -517,6 +517,8 @@ class PublicBody < ActiveRecord::Base
'Version',
]
public_bodies.each do |public_body|
+ # Skip bodies we use only for site admin
+ next if public_body.has_tag?('site_administration')
csv << [
public_body.name,
public_body.short_name,
diff --git a/app/models/track_thing.rb b/app/models/track_thing.rb
index 2a61eb858..81800f0ae 100644
--- a/app/models/track_thing.rb
+++ b/app/models/track_thing.rb
@@ -203,7 +203,7 @@ class TrackThing < ActiveRecord::Base
:verb_on_page => _("Follow this request"),
:verb_on_page_already => _("You are already following this request"),
# Email
- :title_in_email => _("New updates for the request '{{request_title}}'", :request_title => self.info_request.title),
+ :title_in_email => _("New updates for the request '{{request_title}}'", :request_title => self.info_request.title.html_safe),
:title_in_rss => _("New updates for the request '{{request_title}}'", :request_title => self.info_request.title),
# Authentication
:web => _("To follow the request '{{request_title}}'", :request_title => CGI.escapeHTML(self.info_request.title)),
@@ -270,7 +270,7 @@ class TrackThing < ActiveRecord::Base
:verb_on_page => _("Follow this person"),
:verb_on_page_already => _("You are already following this person"),
# Email
- :title_in_email => _("FOI requests by '{{user_name}}'", :user_name=>self.tracked_user.name),
+ :title_in_email => _("FOI requests by '{{user_name}}'", :user_name=>self.tracked_user.name.html_safe),
:title_in_rss => _("FOI requests by '{{user_name}}'", :user_name=>self.tracked_user.name),
# Authentication
:web => _("To follow requests by '{{user_name}}'", :user_name=>CGI.escapeHTML(self.tracked_user.name)),
diff --git a/app/views/admin_public_body/import_csv.rhtml b/app/views/admin_public_body/import_csv.rhtml
index 62908ba52..1c6100838 100644
--- a/app/views/admin_public_body/import_csv.rhtml
+++ b/app/views/admin_public_body/import_csv.rhtml
@@ -32,7 +32,7 @@
<label for="tag_behaviour">What to do with existing tags?</label>
<%= select_tag 'tag_behaviour',
"<option value='add' selected>Add new tags to existing ones</option>
- <option value='replace'>Replace existing tags with new ones</option>"
+ <option value='replace'>Replace existing tags with new ones</option>".html_safe
%>
</p>
diff --git a/app/views/admin_public_body/show.rhtml b/app/views/admin_public_body/show.rhtml
index 094007c02..cee306988 100644
--- a/app/views/admin_public_body/show.rhtml
+++ b/app/views/admin_public_body/show.rhtml
@@ -66,7 +66,7 @@
end
# Highlight entries which have changed since previous version
changed = (!['version', 'last_edit_editor', 'last_edit_comment'].include?(column.name)) && ((historic_public_body.send(column.name) != @public_body.sorted_versions[historic_public_body.version - 2].send(column.name)) || (historic_public_body.version == 1)) %>
- <td <%= changed ? ' class="entry_changed" ': '' %> >
+ <td <%= changed ? ' class="entry_changed" '.html_safe: '' %> >
<%=value%>
</td>
<% end %>
diff --git a/app/views/layouts/contact_mailer.rhtml b/app/views/layouts/contact_mailer.rhtml
index 5b8b44402..3cdc75009 100644
--- a/app/views/layouts/contact_mailer.rhtml
+++ b/app/views/layouts/contact_mailer.rhtml
@@ -1 +1 @@
-<%= MySociety::Format.wrap_email_body_by_paragraphs(yield) %>
+<%= raw MySociety::Format.wrap_email_body_by_paragraphs(yield) %>
diff --git a/app/views/layouts/outgoing_mailer.rhtml b/app/views/layouts/outgoing_mailer.rhtml
index dbb18483f..8bf8ef216 100644
--- a/app/views/layouts/outgoing_mailer.rhtml
+++ b/app/views/layouts/outgoing_mailer.rhtml
@@ -1 +1 @@
-<%= MySociety::Format.wrap_email_body_by_lines(yield) %>
+<%= raw MySociety::Format.wrap_email_body_by_lines(yield) %>
diff --git a/app/views/layouts/request_mailer.rhtml b/app/views/layouts/request_mailer.rhtml
index 5b8b44402..3cdc75009 100644
--- a/app/views/layouts/request_mailer.rhtml
+++ b/app/views/layouts/request_mailer.rhtml
@@ -1 +1 @@
-<%= MySociety::Format.wrap_email_body_by_paragraphs(yield) %>
+<%= raw MySociety::Format.wrap_email_body_by_paragraphs(yield) %>
diff --git a/app/views/layouts/user_mailer.rhtml b/app/views/layouts/user_mailer.rhtml
index 5b8b44402..3cdc75009 100644
--- a/app/views/layouts/user_mailer.rhtml
+++ b/app/views/layouts/user_mailer.rhtml
@@ -1 +1 @@
-<%= MySociety::Format.wrap_email_body_by_paragraphs(yield) %>
+<%= raw MySociety::Format.wrap_email_body_by_paragraphs(yield) %>
diff --git a/app/views/track_mailer/event_digest.rhtml b/app/views/track_mailer/event_digest.rhtml
index 2c2e3c957..dc8132b99 100644
--- a/app/views/track_mailer/event_digest.rhtml
+++ b/app/views/track_mailer/event_digest.rhtml
@@ -57,7 +57,7 @@
main_text += "\n"
end
-%><%=main_text%><%= _("Alter your subscription")%>
+%><%=raw main_text%><%= _("Alter your subscription")%>
=======================
<% _("Please click on the link below to cancel or alter these emails.") %>
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 09:55:59 +0000