[openstreetmap/openstreetmap-website] Added color preview box in tag browser sidebar (#1779)

Štefan Baebler notifications at github.com
Mon Mar 19 07:12:20 UTC 2018

@mmd-osm tnx for noticing. In 23fa74823a66df95330f75f9bfd5cb2bffcb2505 i have fixed that by marking the html markup string as `html_safe` to prevent ruby from html escaping it.
It works:

...but rubocop [complains](https://travis-ci.org/openstreetmap/openstreetmap-website/builds/355233870) with:
app/helpers/browse_helper.rb:80:183: C: Rails/OutputSafety: Tagging a string as html safe may be a security risk.
      %( <div class="colour-preview-box" style="background-color:#{h(value)}" title="#{h(t('browse.tag_details.colour_preview', :colour_value => colour_value))}"></div>#{h(value)} ).html_safe
Not sure how to fix that properly. @tomhughes, is it ok to add the exception to the whole file to `.rubocop*.yml` or is there a better way (adding exception for just this line or preventing the unwanted html escaping in some other way)?

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20180319/4971d9af/attachment.html>

More information about the rails-dev mailing list