From b2a6cf070c655b8e03b6b2b0cf0964532e84c5b5 Mon Sep 17 00:00:00 2001 From: evazion Date: Sat, 19 Nov 2016 21:33:26 -0600 Subject: [PATCH] Use raw note body instead of sanitized body for note edit box. --- app/assets/javascripts/notes.js | 9 +++++---- app/views/notes/_note.html.erb | 2 +- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/app/assets/javascripts/notes.js b/app/assets/javascripts/notes.js index c0525492f..6b0562087 100644 --- a/app/assets/javascripts/notes.js +++ b/app/assets/javascripts/notes.js @@ -714,7 +714,7 @@ Danbooru.Note = { timeouts: [], pending: {}, - add: function(container, id, x, y, w, h, text) { + add: function(container, id, x, y, w, h, original_body, sanitized_body) { var $note_box = Danbooru.Note.Box.create(id); var $note_body = Danbooru.Note.Body.create(id); @@ -724,11 +724,11 @@ Danbooru.Note = { $note_box.data('height', h); container.appendChild($note_box[0]); container.appendChild($note_body[0]); - $note_body.data("original-body", text); + $note_body.data("original-body", original_body); Danbooru.Note.Box.scale($note_box); - Danbooru.Note.Body.display_text($note_body, text); + Danbooru.Note.Body.display_text($note_body, sanitized_body); if (Danbooru.Note.embed) { - Danbooru.Note.Body.display_text($note_box.children("div.note-box-inner-border"), text); + Danbooru.Note.Body.display_text($note_box.children("div.note-box-inner-border"), sanitized_body); } }, @@ -769,6 +769,7 @@ Danbooru.Note = { $article.data("y"), $article.data("width"), $article.data("height"), + $article.data("body"), $article.html() ); }); diff --git a/app/views/notes/_note.html.erb b/app/views/notes/_note.html.erb index 399d2bbd5..fcf1b3dff 100644 --- a/app/views/notes/_note.html.erb +++ b/app/views/notes/_note.html.erb @@ -1 +1 @@ -
<%= raw DText.sanitize(note.body) %>
+
<%= raw DText.sanitize(note.body) %>