From 99b0578b4ce6849eb7115c7ac5ce3baceb3cd7e9 Mon Sep 17 00:00:00 2001
From: Mayfield <3902405+mayfieldiv@users.noreply.github.com>
Date: Wed, 8 Jun 2022 01:42:37 -0400
Subject: [PATCH] FIX: escape youtube title when constructing onebox preview
html (#16999)
---
lib/onebox/engine/youtube_onebox.rb | 2 +-
spec/lib/oneboxer_spec.rb | 7 ++++++-
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/lib/onebox/engine/youtube_onebox.rb b/lib/onebox/engine/youtube_onebox.rb
index eaa1496f2d9..fed887f221c 100644
--- a/lib/onebox/engine/youtube_onebox.rb
+++ b/lib/onebox/engine/youtube_onebox.rb
@@ -42,7 +42,7 @@ module Onebox
result = parse_embed_response
result ||= get_opengraph.data
- "
"
+ ""
else
to_html
end
diff --git a/spec/lib/oneboxer_spec.rb b/spec/lib/oneboxer_spec.rb
index d1411b14619..d8f6b8246b3 100644
--- a/spec/lib/oneboxer_spec.rb
+++ b/spec/lib/oneboxer_spec.rb
@@ -384,7 +384,7 @@ describe Oneboxer do
<<~HTML
-
+
@@ -416,6 +416,11 @@ describe Oneboxer do
output = Oneboxer.onebox("https://www.youtube.com/watch?v=dQw4w9WgXcQ", invalidate_oneboxes: true)
expect(output).to include("