From 5cd65d0566b7d05c796baee16d4fb32f23b2a0a1 Mon Sep 17 00:00:00 2001
From: Hans de Graaff <hans@degraaff.org>
Date: Fri, 2 Jan 2009 13:51:49 +0100
Subject: [PATCH] Don't run double sanitation on a string.

This messes up legitimate markup returned by sanitize, such as &lt; when
a description contains '<'.
---
 app/views/todos/_todo.html.erb | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/app/views/todos/_todo.html.erb b/app/views/todos/_todo.html.erb
index 2de2c5c5..ea72735b 100644
--- a/app/views/todos/_todo.html.erb
+++ b/app/views/todos/_todo.html.erb
@@ -23,7 +23,7 @@ parameters += "&_tag_name=#{@tag_name}" if @source_view == 'tag'
     </ul></ul>
     <div class="description<%= staleness_class( todo ) %>">
       <%= date_span -%>
-      <span class="todo.descr"><%= h sanitize(todo.description) %></span>
+      <span class="todo.descr"><%= sanitize(todo.description) %></span>
       <%= image_tag_for_recurring_todo(todo) if @todo.from_recurring_todo? %>
       <%= tag_list %>
       <%= deferred_due_date %>
@@ -37,4 +37,9 @@ parameters += "&_tag_name=#{@tag_name}" if @source_view == 'tag'
       <div class="placeholder"> </div>
     <% end -%>
   </div>
-</div>
\ No newline at end of file
+<<<<<<< HEAD:app/views/todos/_todo.html.erb
+</div>
+=======
+</div>
+<%=  apply_behaviour ".date_clear:click","var selector_x = this.getAttribute('id').replace('_x', ''); $(selector_x).value='';" %>
+>>>>>>> Don't run double sanitation on a string.:app/views/todos/_todo.html.erb