helpers.rb in onebox-1.6.6

- old
+ new

@@ -63,13 +63,22 @@
         value.respond_to?(:empty?) ? !!value.empty? : !value
       end
     end
 
     def self.truncate(string, length = 50)
-      string.size > length ? string[0..length] + "..." : string
+      string.size > length ? string[0...(string.rindex(" ", length)||length)] + "..." : string
     end
 
     def self.title_attr(meta)
       (meta && !blank?(meta[:title])) ? "title='#{CGI.escapeHTML(meta[:title])}'" : ""
     end
+
+    def self.normalize_url_for_output(url)
+      url = url.dup
+      # expect properly encoded url, remove any unsafe chars
+      url.gsub!(/[^a-zA-Z0-9%\-`._~:\/?#\[\]@!$&'\(\)*+,;=]/, "")
+      url.gsub!("'", "&quot;")
+      url
+    end
+
   end
 end