ROAD-540 Escape HTML in stories' description and extra info fields (#300)

arielj · web-flow · commit ec32eed0aed7 · 2023-09-06T14:45:51.000-03:00
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
@@ -2,7 +2,8 @@ module ApplicationHelper
   OPTIONS = {
     hard_wrap: true,
     link_attributes: {rel: "nofollow", target: "_blank"},
-    no_intra_emphasis: true
+    no_intra_emphasis: true,
+    escape_html: true
   }.freeze
 
   EXTENSIONS = {
