Escaped html characters

author: Chantal Rollison <crollison@gitlab.com> 2018-08-11 13:33:15 -0700
committer: Chantal Rollison <crollison@gitlab.com> 2018-08-21 07:37:33 -0700
commit: 81a403f05f05f4ee8d65db6185cbd0856f7c5189 (patch)
tree: a16142b2fa175d6d16b70e8cd86ba3f681947b18 /lib/gitlab/diff
parent: 3cd61fea03b360af50793488a83e8147a1cf3311 (diff)
download: gitlab-ce-81a403f05f05f4ee8d65db6185cbd0856f7c5189.tar.gz
2 files changed, 2 insertions, 2 deletions
diff --git a/lib/gitlab/diff/highlight.rb b/lib/gitlab/diff/highlight.rb
index 5c1baa19b66..1f012043e56 100644
--- a/lib/gitlab/diff/highlight.rb
+++ b/lib/gitlab/diff/highlight.rb
@@ -37,7 +37,7 @@ module Gitlab
             end
           end
 
-          diff_line.text = rich_line
+          diff_line.rich_text = rich_line
 
           diff_line
         end
diff --git a/lib/gitlab/diff/line.rb b/lib/gitlab/diff/line.rb
index 1faf7770634..633985d5caa 100644
--- a/lib/gitlab/diff/line.rb
+++ b/lib/gitlab/diff/line.rb
@@ -85,7 +85,7 @@ module Gitlab
           old_line: old_line,
           new_line: new_line,
           text: text,
-          rich_text: rich_text || text,
+          rich_text: rich_text || CGI.escapeHTML(text),
           meta_data: meta_positions
         }
       end
author	Chantal Rollison <crollison@gitlab.com>	2018-08-11 13:33:15 -0700
committer	Chantal Rollison <crollison@gitlab.com>	2018-08-21 07:37:33 -0700
commit	81a403f05f05f4ee8d65db6185cbd0856f7c5189 (patch)
tree	a16142b2fa175d6d16b70e8cd86ba3f681947b18 /lib/gitlab/diff
parent	3cd61fea03b360af50793488a83e8147a1cf3311 (diff)
download	gitlab-ce-81a403f05f05f4ee8d65db6185cbd0856f7c5189.tar.gz