lib/statusz.rb in statusz-0.0.1 vs lib/statusz.rb in statusz-0.0.2
- old
+ new
@@ -1,5 +1,6 @@
+require "cgi"
require "erb"
require "time"
module Statusz
ALL_FIELDS = %w(git_directory latest_sha current_branch date username git_user_info commit_search)
@@ -48,10 +49,10 @@
when :html
html_values = options[:fields].reduce({}) do |hash, field|
if field == "commit_search"
pair = { FIELD_TO_HEADER_NAME[field] => FIELD_TO_SCRAPING_PROC[field].call.split("\n") }
else
- pair = { FIELD_TO_HEADER_NAME[field] => FIELD_TO_SCRAPING_PROC[field].call }
+ pair = { FIELD_TO_HEADER_NAME[field] => CGI.escapeHTML(FIELD_TO_SCRAPING_PROC[field].call) }
end
hash.merge pair
end
output = ERB.new(File.read(File.join(File.dirname(__FILE__), "statusz.erb"))).result(binding)
end
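Review bot: The `commit_search` branch of the `if` is left unescaped: its `FIELD_TO_SCRAPING_PROC[field].call.split("\n")` array reaches the template as raw strings, while every other field now goes through `CGI.escapeHTML`. The proc and `statusz.erb` are not visible in this diff, but if the template prints those elements without escaping them, markup in that output would be rendered in the status page. I would escape per element, `pair = { FIELD_TO_HEADER_NAME[field] => FIELD_TO_SCRAPING_PROC[field].call.split("\n").map { |line| CGI.escapeHTML(line) } }`, or confirm that the template escapes each list entry itself. The enclosing `case` and method start outside this hunk, so the other output formats could not be checked from here.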