[openstreetmap/openstreetmap-website] Display how long until a note will disappear (PR #3676)

[Andy Allan]

@gravitystorm requested changes on this pull request.



> -    <p><small class="text-muted"><%= t "javascripts.notes.show.report_link_html", :link => report_link(t(".report"), @note) %></small></p>
+    <p>
+      <small class="text-muted">
+        <%= t "javascripts.notes.show.report_link_html", :link => report_link(t(".report"), @note) %>
+        <% if @note.status == "open" %>
+          <%= t "javascripts.notes.show.other_problems_resolve", :link => report_link(t(".report"), @note) %>
+        <% elsif @note.status == "closed" %>
+          <%= t "javascripts.notes.show.other_problems_resolved" %>
+        <% end %>
+      </small>
+    </p>
+  <% end %>
+
+  <% if @note.freshly_closed? %>
+    <small class="text-muted">
+      <%= t("javascripts.notes.show.disappear_date", :disappear_in => disappear_in(@note)).html_safe %>

Avoid using `html_safe`, since that opens up potential for security issues (it just marks the string as html safe, it doesn't do any sanitisation). 

Instead, use a translation key that ends in `_html`. For similar examples, see https://github.com/openstreetmap/openstreetmap-website/pull/2898

-- 
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/3676#pullrequestreview-1107876319
You are receiving this because you are subscribed to this thread.

Message ID: <openstreetmap/openstreetmap-website/pull/3676/review/1107876319 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20220914/9ed68b56/attachment.htm>