strip tags from user profile

author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-04-03 16:31:28 +0300
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-04-03 16:31:28 +0300
commit: 921151d0414512df79f0724e0a52af6ab96108d1 (patch)
tree: 6c6f60c2ce02fa54c6ffea33a430633b97a168b0 /app
parent: 4bbe2b74a85793c06679851706633cbee87ff8ca (diff)
download: gitlab-ce-921151d0414512df79f0724e0a52af6ab96108d1.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb
index 6fa114a4194..f0d69f11184 100644
--- a/app/controllers/profiles_controller.rb
+++ b/app/controllers/profiles_controller.rb
@@ -75,7 +75,7 @@ class ProfilesController < ApplicationController
     # validation for this fields
     %w(name skype linkedin twitter bio).each do |attr|
       value = user_attributes[attr]
-      user_attributes[attr] = sanitize(value) if value.present?
+      user_attributes[attr] = sanitize(strip_tags(value)) if value.present?
     end
 
     user_attributes
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2013-04-03 16:31:28 +0300
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2013-04-03 16:31:28 +0300
commit	921151d0414512df79f0724e0a52af6ab96108d1 (patch)
tree	6c6f60c2ce02fa54c6ffea33a430633b97a168b0 /app
parent	4bbe2b74a85793c06679851706633cbee87ff8ca (diff)
download	gitlab-ce-921151d0414512df79f0724e0a52af6ab96108d1.tar.gz