change decidim_html_escape method to return an html escaped and safe

octree-gva · Nov 26, 2024 · 87bd217 · 87bd217
1 parent 1f3a870
commit 87bd217
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/decidim-core/app/helpers/decidim/sanitize_helper.rb b/decidim-core/app/helpers/decidim/sanitize_helper.rb
@@ -56,7 +56,7 @@ def decidim_sanitize_editor_admin(html, options = {})
     end
 
     def decidim_html_escape(text)
-      ERB::Util.unwrapped_html_escape(text.to_str)
+      ERB::Util.unwrapped_html_escape(text.to_str).html_safe
     end
 
     def decidim_url_escape(text)

diff --git a/decidim-core/app/views/layouts/decidim/header/_menu_breadcrumb_mobile_tablet.html.erb b/decidim-core/app/views/layouts/decidim/header/_menu_breadcrumb_mobile_tablet.html.erb
@@ -2,7 +2,7 @@
 <div class="menu-bar__breadcrumb-mobile__dropdown-trigger">
   <span>
     <% breadcrumb_items.last(2).each_with_index do |item, i| %>
-      <% item_label = decidim_escape_translated(item[:label]).html_safe %>
+      <% item_label = decidim_escape_translated(item[:label]) %>
       <% if i.positive? %>
         <span>/</span>
       <% end %>