projects
/
selectricity-live
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add a bunch of fixes to HTML escaping, and a test case for it
[selectricity-live]
/
app
/
views
/
quickvote
/
_pref_table.rhtml
diff --git
a/app/views/quickvote/_pref_table.rhtml
b/app/views/quickvote/_pref_table.rhtml
index 4576a0fafb8e7971af4499ba88b9501bacb1a2aa..1d3cdf37b29706c7be45c654ccf05000be20caef 100644
(file)
--- a/
app/views/quickvote/_pref_table.rhtml
+++ b/
app/views/quickvote/_pref_table.rhtml
@@
-9,17
+9,17
@@
<tr>
<td> </td>
<% candidates.each do |candidate| -%>
<tr>
<td> </td>
<% candidates.each do |candidate| -%>
- <th><%= names[candidate] -%></th>
+ <th><%=
h
names[candidate] -%></th>
<% end -%>
<% candidates.each do |winner| -%>
<tr>
<% end -%>
<% candidates.each do |winner| -%>
<tr>
- <th><%= names[winner] %></th>
+ <th><%=
h
names[winner] %></th>
<% candidates.each do |loser| -%>
<% if winner == loser -%>
<td> -- </td>
<% else %>
<td><% wins = @election.condorcet_result.matrix[winner][loser]%>
<% candidates.each do |loser| -%>
<% if winner == loser -%>
<td> -- </td>
<% else %>
<td><% wins = @election.condorcet_result.matrix[winner][loser]%>
- <%= wins %>
+ <%=
h
wins %>
<%= sparkline_tag [(wins.to_f/voters.to_f)*100.0], :type => 'pie',
:diameter => 25, :share_color => '#74ce00' %>
</td>
<%= sparkline_tag [(wins.to_f/voters.to_f)*100.0], :type => 'pie',
:diameter => 25, :share_color => '#74ce00' %>
</td>
Benjamin Mako Hill
||
Want to submit a patch?