Defect #35441 » 35441-v2.patch
| lib/redmine/wiki_formatting/textile/redcloth3.rb | ||
|---|---|---|
| 961 | 961 |
href, alt_title = check_refs( href ) if href |
| 962 | 962 |
url, url_title = check_refs( url ) |
| 963 | 963 | |
| 964 |
next m unless uri_with_safe_scheme?(url) |
|
| 964 |
next m unless uri_with_safe_scheme?(url.partition('?').first)
|
|
| 965 | 965 |
if href |
| 966 | 966 |
href = htmlesc(href.dup) |
| 967 | 967 |
next m if href.downcase.start_with?('javascript:')
|
| test/helpers/application_helper_test.rb | ||
|---|---|---|
| 150 | 150 |
'with title !http://foo.bar/image.jpg(This is a double-quoted "title")!' => |
| 151 | 151 |
'with title <img src="http://foo.bar/image.jpg" title="This is a double-quoted "title"" ' \ |
| 152 | 152 |
'alt="This is a double-quoted "title"" />', |
| 153 |
'with query string !http://foo.bar/image.cgi?a=1&b=2!' => |
|
| 154 |
'with query string <img src="http://foo.bar/image.cgi?a=1&b=2" alt="" />' |
|
| 153 | 155 |
} |
| 154 | 156 |
to_test.each {|text, result| assert_equal "<p>#{result}</p>", textilizable(text)}
|
| 155 | 157 |
end |
- « Previous
- 1
- 2
- 3
- Next »
