From b2847f23315b69c6bb6dee6a1ad3f313c780fdb6 Mon Sep 17 00:00:00 2001 From: Juliana A Date: Thu, 28 Sep 2023 18:15:19 -0700 Subject: [PATCH] Allow some basic HTML tags in story description --- rails/app/javascript/components/Story.jsx | 2 +- rails/app/views/dashboard/stories/_stories.html.erb | 2 +- rails/app/views/dashboard/stories/show.html.erb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/rails/app/javascript/components/Story.jsx b/rails/app/javascript/components/Story.jsx index b5451238f..6cad2f1bc 100644 --- a/rails/app/javascript/components/Story.jsx +++ b/rails/app/javascript/components/Story.jsx @@ -50,7 +50,7 @@ const Story = props => { {story.title} {story.permission_level === "restricted" && " 🔒"} -

{story.desc}

+

{ story.media && story.media.map(file => ( diff --git a/rails/app/views/dashboard/stories/_stories.html.erb b/rails/app/views/dashboard/stories/_stories.html.erb index 3cb2f5fc9..e5d2a5cdb 100644 --- a/rails/app/views/dashboard/stories/_stories.html.erb +++ b/rails/app/views/dashboard/stories/_stories.html.erb @@ -14,7 +14,7 @@ <%= Story.human_attribute_name("permission_level.#{story.permission_level}") %> <% end %> -

<%= story.desc %>

+

<%= sanitize story.desc, tags: %w(strong em u) %>

diff --git a/rails/app/views/dashboard/stories/show.html.erb b/rails/app/views/dashboard/stories/show.html.erb index 3b841910e..461cf47d3 100644 --- a/rails/app/views/dashboard/stories/show.html.erb +++ b/rails/app/views/dashboard/stories/show.html.erb @@ -83,7 +83,7 @@
-

<%= @story.desc %>

+

<%= sanitize @story.desc, tags: %w(strong em u) %>

<% @story.media.each do |media| %>