Sanitise without needing html safe

2 years ago · 9ff2c2706f
2 changed files with 7 additions and 0 deletions
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@ -31,6 +31,12 @@ module ApplicationHelper
    !current_page?(notifications_path) && (authenticated_user_has_notifications? || unauthenticated_user_has_notifications?)
  end

+  def sanitise_characters(string)
+    return string unless string
+
+    string.gsub("'", "’").gsub("&", "and")
+  end
+
 private

  def paginated_title(title, pagy)
--- a/app/helpers/title_helper.rb
+++ b/app/helpers/title_helper.rb
@ -4,6 +4,7 @@ module TitleHelper
  end

  def format_title(searched, page_title, current_user, item_label, count, organisation_name)
+    organisation_name = sanitise_characters(organisation_name)
    if searched.present?
      actual_title = support_sab_nav?(current_user, organisation_name) ? organisation_name : page_title
      "#{actual_title} (#{count} #{item_label} matching ‘#{searched}’)"