Sanitize glm helper

dzaporozhets · dzaporozhets · commit beb5e1bd6b66 · 2012-09-01T23:35:04.000+03:00
diff --git a/app/assets/stylesheets/sections/notes.scss b/app/assets/stylesheets/sections/notes.scss
@@ -31,7 +31,7 @@
 
 #new_note {
   .note-text {
-    height:25px;
+    height:40px;
   }
   .attach_holder {
     display:none;
@@ -212,3 +212,8 @@ td .line_note_link {
     }
   }
 }
+
+.note-text { 
+  border: 1px solid #aaa;
+  box-shadow:none;
+}
diff --git a/app/helpers/gitlab_markdown_helper.rb b/app/helpers/gitlab_markdown_helper.rb
@@ -31,7 +31,7 @@ def gfm(text, html_options = {})
       extractions[$1]
     end
 
-    text.html_safe
+    sanitize text.html_safe
   end
 
   # Use this in places where you would normally use link_to(gfm(...), ...).
diff --git a/app/views/notes/_per_line_form.html.haml b/app/views/notes/_per_line_form.html.haml
@@ -16,7 +16,7 @@
             = f.text_area :note,  size: 255, class: 'line-note-text'
             .note_actions
               .buttons
-                = f.submit 'Add note', class: "btn primary submit_note submit_inline_note", id: "submit_note"
+                = f.submit 'Add note', class: "btn save-btn submit_note submit_inline_note", id: "submit_note"
                 = link_to "Cancel", "#", class: "btn hide-button"
               .options
                 %h6.left Notify via email:
