From 8a9e9d9184ff1c22819758fb8e6b3ef15972faf4 Mon Sep 17 00:00:00 2001
From: benji
Date: Fri, 20 May 2016 15:08:14 +0200
Subject: [PATCH] Use decent escaping of special characters in transaction messages
---
 app/assets/javascripts/transactions.js | 6 ++++++
 app/controllers/concerns/data_table.rb | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/app/assets/javascripts/transactions.js b/app/assets/javascripts/transactions.js
index dc81726..a7071f6 100644
--- a/app/assets/javascripts/transactions.js
+++ b/app/assets/javascripts/transactions.js
@@ -34,6 +34,12 @@ ready = function() {
 render: function(data, type, full, meta) {
 return (data/100).toFixed(2);
 }
+ },
+ {
+ targets: 4,
+ render: function(data, type, full, meta) {
+ return new Option(data).innerHTML
+ }
 }
 ]
 });
diff --git a/app/controllers/concerns/data_table.rb b/app/controllers/concerns/data_table.rb
index d662685..fbfc765 100644
--- a/app/controllers/concerns/data_table.rb
+++ b/app/controllers/concerns/data_table.rb
@@ -13,7 +13,7 @@ class DataTable
 draw: @params[:draw],
 recordsTotal: @user.transactions.count,
 recordsFiltered: count,
- data: data.map { |d| (d["message"] = json_escape(d["message"])) && d }
+ data: data
 }
 end
 private
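Review bot: The added `render` for column 4 escapes the value for every `type` DataTables passes in, so if searching or sorting is enabled on this column they would run against the entity-encoded string rather than the message itself. Escaping is only needed for the value that goes into the DOM, e.g. `return type === 'display' ? new Option(data).innerHTML : data;`. The `new Option(...).innerHTML` idiom encodes `&`, `<` and `>` but not quotes, which is enough for cell content but not for an attribute value, so a comment such as `// HTML-escape for element content only; not safe inside attributes` would keep it from being reused in the wrong context. The escape is also bound to the positional `targets: 4`, so a column reorder would silently leave the message column unescaped; the column definitions lie outside this hunk, so that coupling cannot be checked here.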
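Review bot: With `json_escape` removed, `data: data` returns the stored `message` verbatim, and nothing in this method records that output encoding is now entirely the client's job. The only escape visible in this commit is the column-4 renderer in transactions.js. Add a comment above the hash, for example `# message is returned unescaped; every client must HTML-escape it before inserting it into the DOM`, and a test that round-trips a message containing `<` and `&` to pin the behaviour. The enclosing method starts outside the hunk, so whether other views or consumers read this payload cannot be confirmed from here.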