Fix top-level calls to `html_escape`
## Bad, unless in app/views or app/components
`h`
`html_escape`
## Good
ERB::Util.h
ERB::Util.html_escapeList of files to look into:
-
app/controllers/concerns/confirm_email_warning.rb -
app/controllers/search_controller.rb -
app/helpers/form_helper.rb -
app/helpers/groups/group_members_helper.rb -
app/helpers/import_helper.rb -
app/helpers/merge_requests_helper.rb -
app/helpers/mirror_helper.rb -
app/helpers/projects/project_members_helper.rb -
app/helpers/projects_helper.rb -
app/helpers/reminder_emails_helper.rb -
app/helpers/safe_format_helper.rb -
app/helpers/search_helper.rb -
app/helpers/users_helper.rb -
app/helpers/wiki_page_version_helper.rb -
app/models/concerns/restricted_signup.rb -
app/serializers/build_details_entity.rb -
ee/app/controllers/admin/licenses_controller.rb -
ee/app/helpers/billing_plans_helper.rb -
ee/app/helpers/ee/groups/settings_helper.rb -
ee/app/helpers/ee/groups_helper.rb -
ee/app/helpers/ee/import_helper.rb -
ee/app/helpers/ee/labels_helper.rb -
ee/app/helpers/ee/projects_helper.rb -
ee/app/serializers/integrations/jira_serializers/issue_entity.rb -
lib/gitlab/string_range_marker.rb
Generated using:
git grep -l -E "[^.]html_escape" app/ lib/ ee/app/ ee/lib/ | grep -v app\/views | grep -v app\/componentsImplementation guide
For each file above, swap out html_escape with ERB::Util.html_escape
See also this Draft MR : !134950 (closed)
Edited by Daniel