Fix escaping

Some data was HTML-escaped in the API results. Now data in API results is (hopefully) all raw and clients have to escape as needed. One client is, obviously, taginfo itself and a few places have been changed to do the right escaping now. Fixes #19.
author: Jochen Topf <jochen@topf.org> 2013-01-30 22:06:36 +0100
committer: Jochen Topf <jochen@topf.org> 2013-01-30 22:06:36 +0100
commit: 59ca7dcc45cae63309795d3b30822fa06d4b7cb1 (patch)
tree: 18f54697ff03a214f4c79eedfae83183f7efb8b0 /web/lib
parent: ce090c57c55e0e4d4ed36ef8274f89ff810b1fe1 (diff)
download: taginfo-59ca7dcc45cae63309795d3b30822fa06d4b7cb1.tar
taginfo-59ca7dcc45cae63309795d3b30822fa06d4b7cb1.tar.gz
2 files changed, 11 insertions, 11 deletions
diff --git a/web/lib/api/v4/relation.rb b/web/lib/api/v4/relation.rb
index 9cc8137..4fdd936 100644
--- a/web/lib/api/v4/relation.rb
+++ b/web/lib/api/v4/relation.rb
@@ -132,11 +132,11 @@ class Taginfo < Sinatra::Base
         res = @db.execute('SELECT * FROM wiki.relation_pages LEFT OUTER JOIN wiki.wiki_images USING (image) WHERE rtype = ? ORDER BY lang', rtype)
 
         return res.map{ |row| {
-                :lang             => h(row['lang']),
-                :language         => h(::Language[row['lang']].native_name),
-                :language_en      => h(::Language[row['lang']].english_name),
-                :title            => h(row['title']),
-                :description      => h(row['description']),
+                :lang             => row['lang'],
+                :language         => ::Language[row['lang']].native_name,
+                :language_en      => ::Language[row['lang']].english_name,
+                :title            => row['title'],
+                :description      => row['description'],
                 :image            => {
                     :title            => row['image'],
                     :width            => row['width'].to_i,
diff --git a/web/lib/utils.rb b/web/lib/utils.rb
index 34f3d48..c220913 100644
--- a/web/lib/utils.rb
+++ b/web/lib/utils.rb
@@ -140,11 +140,11 @@ end
 # Used in wiki api calls
 def get_wiki_result(res)
     return res.map{ |row| {
-            :lang             => h(row['lang']),
-            :language         => h(::Language[row['lang']].native_name),
-            :language_en      => h(::Language[row['lang']].english_name),
-            :title            => h(row['title']),
-            :description      => h(row['description']),
+            :lang             => row['lang'],
+            :language         => ::Language[row['lang']].native_name,
+            :language_en      => ::Language[row['lang']].english_name,
+            :title            => row['title'],
+            :description      => row['description'],
             :image            => {
                 :title            => row['image'],
                 :width            => row['width'].to_i,
@@ -175,7 +175,7 @@ def get_josm_style_rules_result(total, res)
             :key        => row['k'],
             :value      => row['v'],
             :value_bool => row['b'],
-            :rule       => h(row['rule']),
+            :rule       => row['rule'],
             :area_color => row['area_color'] ? h(row['area_color'].sub(/^.*#/, '#')) : '',
             :line_color => row['line_color'] ? h(row['line_color'].sub(/^.*#/, '#')) : '',
             :line_width => row['line_width'] ? row['line_width'].to_i : 0,
author	Jochen Topf <jochen@topf.org>	2013-01-30 22:06:36 +0100
committer	Jochen Topf <jochen@topf.org>	2013-01-30 22:06:36 +0100
commit	59ca7dcc45cae63309795d3b30822fa06d4b7cb1 (patch)
tree	18f54697ff03a214f4c79eedfae83183f7efb8b0 /web/lib
parent	ce090c57c55e0e4d4ed36ef8274f89ff810b1fe1 (diff)
download	taginfo-59ca7dcc45cae63309795d3b30822fa06d4b7cb1.tar taginfo-59ca7dcc45cae63309795d3b30822fa06d4b7cb1.tar.gz