Skip to content

Add tag_pair to support safe_format and avoid html_safe calls

Peter Leitzen requested to merge pl-tag-hash into master

What does this MR do and why?

This MR implements a new helper method tag_pair from #374091 (comment 1397321824).

Currently, we need to use .html_safe for tags passed to safe_format. This doesn't play well with Prohibit calling .html_safe in views (#408826).

# Before
safe_format(s_('Preferences|When you type in a description or comment box, pressing %{kbdOpen}Enter%{kbdClose} in a list adds a new item below.'), kbdOpen: '<kbd>'.html_safe, kbdClose: '</kbd>'.html_safe)

safe_format(_('You have set up 2FA for your account! If you lose access to your 2FA device, you can use your recovery codes to access your account. Alternatively, if you upload an SSH key, you can %{anchorOpen}use that key to generate additional recovery codes%{anchorClose}.'), anchorOpen: '<a href="%{href}">'.html_safe % { href: help_page_path('user/profile/account/two_factor_authentication', anchor: 'generate-new-recovery-codes-using-ssh') }, anchorClose: '</a>'.html_safe)

We could get rid of .html_safe by using Rails' tag.X helper and adding a String method tag_pair(open_tag, close_tag) which returns a Hash containing "html safe" open and close tags:

# After
safe_format(s_('Preferences|When you type in a description or comment box, pressing %{kbdOpen}Enter%{kbdClose} in a list adds a new item below.'), tag.kbd.tag_pair(:kbdOpen, :kbdClose))

link = link_to('', help_page_path('user/profile/account/two_factor_authentication', anchor: 'generate-new-recovery-codes-using-ssh'))
safe_format(_('You have set up 2FA for your account! If you lose access to your 2FA device, you can use your recovery codes to access your account. Alternatively, if you upload an SSH key, you can %{anchorOpen}use that key to generate additional recovery codes%{anchorClose}.'), tag_pair(link, :anchorOpen, :anchorClose))

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Peter Leitzen

Merge request reports