I think this can be fixed by replacing
html = content_tag("a", name || email_address_obfuscated.html_safe,
html_options.merge({
"href" => "mailto:"+html_escape(email_address)+extras }))
with
html = content_tag("a", name || html_escape(email_address_obfuscated),
html_options.merge({ "href" => "mailto:"+html_escape(email_address)+extras }))
in 0001-Be-sure-to-javascript_escape-the-email-address-to-pr.patch
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
