<%= submit_tag l(:button_save) %> <%= link_to l(:button_cancel), '#', :onclick => "Element.remove('journal-#{@journal.id}-form'); " + "Element.show('journal-#{@journal.id}-notes'); return false;" %>
diff --git a/lib/redcloth.rb b/lib/redcloth.rb index 2b36421d9..4faa4b9e5 100644 --- a/lib/redcloth.rb +++ b/lib/redcloth.rb @@ -433,12 +433,15 @@ class RedCloth < String # # Flexible HTML escaping # - def htmlesc( str, mode ) + def htmlesc( str, mode=:Quotes ) + if str str.gsub!( '&', '&' ) str.gsub!( '"', '"' ) if mode != :NoQuotes str.gsub!( "'", ''' ) if mode == :Quotes str.gsub!( '<', '<') str.gsub!( '>', '>') + end + str end # Search and replace for Textile glyphs (quotes, dashes, other symbols) @@ -890,6 +893,7 @@ class RedCloth < String def inline_textile_image( text ) text.gsub!( IMAGE_RE ) do |m| stln,algn,atts,url,title,href,href_a1,href_a2 = $~[1..8] + htmlesc title atts = pba( atts ) atts = " src=\"#{ url }\"#{ atts }" atts << " title=\"#{ title }\"" if title diff --git a/test/unit/helpers/application_helper_test.rb b/test/unit/helpers/application_helper_test.rb index 5fdf65961..e20866786 100644 --- a/test/unit/helpers/application_helper_test.rb +++ b/test/unit/helpers/application_helper_test.rb @@ -50,6 +50,8 @@ class ApplicationHelperTest < HelperTestCase 'floating !>http://foo.bar/image.jpg!' => 'floating',
'with style !{width:100px;height100px}http://foo.bar/image.jpg!' => 'with style ',
+ 'with title !http://foo.bar/image.jpg(This is a title)!' => 'with title ',
+ 'with title !http://foo.bar/image.jpg(This is a double-quoted "title")!' => 'with title ',
}
to_test.each { |text, result| assert_equal "#{result}
", textilizable(text) } end