Closed MrBowmanXD closed 1 week ago
Yes i can.
I think we still need to test in order to check if the order of the methods is right, but in essence the solution might look like the above commit shows.
We could make a test that simulates adding mailicious html to check if html_escape is working or it's redundant?
We could make a test that simulates adding mailicious html to check if html_escape is working or it's redundant?
It's not necessary, html_escape
is part of Rails so it should be tested by Rails. If we can't trust Rails then we are in trouble :smile:
Need to delete this last commit in github. This last commit introduces code that should not be there.
It's good now, thanks for your help @MrBowmanXD 🙏
You last commit will be sorted out once we merge into master. Note for next time we prefer to rebase the branch instead of merging master.
Sorry for the late response but this last commit introduces code that should not be there. I can make another pull request if necessary.
Had to remove the code according to #12443
Hey @MrBowmanXD ,
Thanks for another PR :muscle:
Before staging it, we can see the bug (left, admin section; right, shopfront):
After staging your PR we can see the line breaks are displayed correctly:
Awesome!! :tada: Merging.
Ohh, I just noticed there are some merge conflicts. Can you fix these @MrBowmanXD ?
Thanks!
Check the shipping method description (in checkout details) and the payment method description (in checkout payment).
What? Why?
When setting up a shipping or payment method description, users are allowed to return to line or add line breaks in the admin side.
However this is not done is the shopfront where everything is only separated with a space. If description are long this can be quite ugly.
(copied from the issue)
Simply added the simple_format method in order to introduce line breaks or return in the shipping method description. (checkout/_details.html.haml: line98)
What should we test?
Note: Check security issues but simple_format sanitizes the html by default according to the documentation.
Release notes
Changelog Category (reviewers may add a label for the release notes):
The title of the pull request will be included in the release notes.