Hi all,

In ticket http://dev.rousette.org.uk/ticket/740 there is a report where your layout is messed up when you use <DIV> or </DIV> in the description field.

We use sanitize to remove malicious HTML from the description in the todo partial, but using sanitize does not remove any <DIV>'s in the description field. Is anyone even using HTML in the description? Is it OK to just replace <%= sanitize(todo.description) %> with <%= h todo.description %>?

Thanks,
Reinier
_______________________________________________
Tracks-discuss mailing list
[email protected]
http://lists.rousette.org.uk/mailman/listinfo/tracks-discuss
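
Added example, not part of the original message or the Tracks code base: it compares full escaping (what `h` does, via `ERB::Util.html_escape`) with allowlist sanitizing on a description that contains a stray `</DIV>`, and reports which output still carries unbalanced tags into the surrounding template. `allowlist_sanitize`, `unbalanced_tags`, the tag lists and the sample description are constructed for illustration; `allowlist_sanitize` is a simplified stand-in, not Rails' `sanitize`.

```ruby
require 'erb'

TAG  = /<\s*(\/?)\s*([a-zA-Z][a-zA-Z0-9]*)[^>]*>/
VOID = %w[br hr img].freeze # tags that never take a closing tag

# What `h` does: every markup character becomes an entity.
def escape_all(text)
  ERB::Util.html_escape(text)
end

# Simplified stand-in for an allowlist sanitizer (NOT Rails' implementation):
# allowed tags are kept with attributes stripped, all other markup is escaped.
def allowlist_sanitize(html, allowed)
  out = +''
  pos = 0
  html.scan(TAG) do
    m = Regexp.last_match
    out << escape_all(html[pos...m.begin(0)])
    name = m[2].downcase
    out << (allowed.include?(name) ? "<#{m[1]}#{name}>" : escape_all(m[0]))
    pos = m.end(0)
  end
  out << escape_all(html[pos..-1])
end

# Tags opened but never closed, or closed without an opener (layout breakers).
def unbalanced_tags(html)
  stack, stray = [], []
  html.scan(TAG) do |slash, name|
    name = name.downcase
    next if VOID.include?(name)
    if slash.empty?
      stack.push(name)
    elsif stack.last == name
      stack.pop
    else
      stray << "/#{name}"
    end
  end
  stray + stack
end

# Constructed sample description with a stray closing tag.
DESCRIPTION = 'Call <b>Bob</b> about </DIV> the invoice'

[escape_all(DESCRIPTION), allowlist_sanitize(DESCRIPTION, %w[b div]),
 allowlist_sanitize(DESCRIPTION, %w[b])].each do |html|
  puts "#{html}  unbalanced=#{unbalanced_tags(html).inspect}"
end
```

Only the allowlist that includes `div` lets the stray closing tag through; escaping everything, or allowing inline tags only, leaves nothing that can close the template's own container.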
