actionpack 1.13.6 → 2.0.0

data/test/template/sanitize_helper_test.rb

@@ -0,0 +1,49 @@
+require "#{File.dirname(__FILE__)}/../abstract_unit"
+require "#{File.dirname(__FILE__)}/../testing_sandbox"
+
+# The exhaustive tests are in test/controller/html/sanitizer_test.rb.
+# This tests the that the helpers hook up correctly to the sanitizer classes.
+class SanitizeHelperTest < Test::Unit::TestCase
+  include ActionView::Helpers::SanitizeHelper
+  include ActionView::Helpers::TagHelper
+  include TestingSandbox
+
+  def test_strip_links
+    assert_equal "Dont touch me", strip_links("Dont touch me")
+    assert_equal "<a<a", strip_links("<a<a")
+    assert_equal "on my mind\nall day long", strip_links("<a href='almost'>on my mind</a>\n<A href='almost'>all day long</A>")
+    assert_equal "0wn3d", strip_links("<a href='http://www.rubyonrails.com/'><a href='http://www.rubyonrails.com/' onlclick='steal()'>0wn3d</a></a>") 
+    assert_equal "Magic", strip_links("<a href='http://www.rubyonrails.com/'>Mag<a href='http://www.ruby-lang.org/'>ic") 
+    assert_equal "FrrFox", strip_links("<href onlclick='steal()'>FrrFox</a></href>") 
+    assert_equal "My mind\nall <b>day</b> long", strip_links("<a href='almost'>My mind</a>\n<A href='almost'>all <b>day</b> long</A>")
+    assert_equal "all <b>day</b> long", strip_links("<<a>a href='hello'>all <b>day</b> long<</A>/a>")
+  end
+
+  def test_sanitize_form
+    assert_sanitized "<form action=\"/foo/bar\" method=\"post\"><input></form>", ''
+  end
+
+  def test_should_sanitize_illegal_style_properties
+    raw      = %(display:block; position:absolute; left:0; top:0; width:100%; height:100%; z-index:1; background-color:black; background-image:url(http://www.ragingplatypus.com/i/cam-full.jpg); background-x:center; background-y:center; background-repeat:repeat;)
+    expected = %(display: block; width: 100%; height: 100%; background-color: black; background-image: ; background-x: center; background-y: center;)
+    assert_equal expected, sanitize_css(raw)
+  end
+
+  def test_strip_tags
+    assert_equal("<<<bad html", strip_tags("<<<bad html"))
+    assert_equal("<<", strip_tags("<<<bad html>"))
+    assert_equal("Dont touch me", strip_tags("Dont touch me"))
+    assert_equal("This is a test.", strip_tags("<p>This <u>is<u> a <a href='test.html'><strong>test</strong></a>.</p>"))
+    assert_equal("Weirdos", strip_tags("Wei<<a>a onclick='alert(document.cookie);'</a>/>rdos"))
+    assert_equal("This is a test.", strip_tags("This is a test."))
+    assert_equal(
+    %{This is a test.\n\n\nIt no longer contains any HTML.\n}, strip_tags(
+    %{<title>This is <b>a <a href="" target="_blank">test</a></b>.</title>\n\n<!-- it has a comment -->\n\n<p>It no <b>longer <strong>contains <em>any <strike>HTML</strike></em>.</strong></b></p>\n}))
+    assert_equal "This has a  here.", strip_tags("This has a <!-- comment --> here.")
+    [nil, '', '   '].each { |blank| assert_equal blank, strip_tags(blank) }
+  end
+
+  def assert_sanitized(text, expected = nil)
+    assert_equal((expected || text), sanitize(text))
+  end
+end

data/test/template/scriptaculous_helper_test.rb

@@ -1,4 +1,4 @@
-require File.dirname(__FILE__) + '/../abstract_unit'
+require "#{File.dirname(__FILE__)}/../abstract_unit"
 
 class ScriptaculousHelperTest < Test::Unit::TestCase
   include ActionView::Helpers::JavaScriptHelper
@@ -13,7 +13,7 @@ class ScriptaculousHelperTest < Test::Unit::TestCase
   
   def setup
     @controller = Class.new do
-      def url_for(options, *parameters_for_method_reference)
+      def url_for(options)
         url =  "http://www.example.com/"
         url << options[:action].to_s if options and options[:action]
         url
@@ -28,6 +28,8 @@ class ScriptaculousHelperTest < Test::Unit::TestCase
     assert_equal "new Effect.Fade(\"fademe\",{duration:4.0});", visual_effect(:fade, "fademe", :duration => 4.0)
     assert_equal "new Effect.Shake(element,{});", visual_effect(:shake)
     assert_equal "new Effect.DropOut(\"dropme\",{queue:'end'});", visual_effect(:drop_out, 'dropme', :queue => :end)
+    assert_equal "new Effect.Highlight(\"status\",{endcolor:'#EEEEEE'});", visual_effect(:highlight, 'status', :endcolor => '#EEEEEE')
+    assert_equal "new Effect.Highlight(\"status\",{restorecolor:'#500000', startcolor:'#FEFEFE'});", visual_effect(:highlight, 'status', :restorecolor => '#500000', :startcolor => '#FEFEFE')
 
     # chop the queue params into a comma separated list
     beginning, ending = 'new Effect.DropOut("dropme",{queue:{', '}});'
@@ -87,4 +89,8 @@ class ScriptaculousHelperTest < Test::Unit::TestCase
     assert_dom_equal %(<script type=\"text/javascript\">\n//<![CDATA[\nDroppables.add(\"droptarget1\", {accept:['tshirts','mugs'], onDrop:function(element){new Ajax.Updater('infobox', 'http://www.example.com/', {asynchronous:true, evalScripts:true, parameters:'id=' + encodeURIComponent(element.id)})}})\n//]]>\n</script>),
       drop_receiving_element("droptarget1", :accept => ['tshirts','mugs'], :update => 'infobox')
   end
-end
+
+  def protect_against_forgery?
+    false
+  end
+end

data/test/template/tag_helper_test.rb

@@ -1,4 +1,4 @@
-require File.dirname(__FILE__) + '/../abstract_unit'
+require "#{File.dirname(__FILE__)}/../abstract_unit"
 
 class TagHelperTest < Test::Unit::TestCase
   include ActionView::Helpers::TagHelper
@@ -13,7 +13,9 @@ class TagHelperTest < Test::Unit::TestCase
   end
 
   def test_tag_options
-    assert_match /\A<p class="(show|elsewhere)" \/>\z/, tag("p", "class" => "show", :class => "elsewhere")
+    str = tag("p", "class" => "show", :class => "elsewhere")
+    assert_match /class="show"/, str
+    assert_match /class="elsewhere"/, str
   end
 
   def test_tag_options_rejects_nil_option
@@ -47,6 +49,11 @@ class TagHelperTest < Test::Unit::TestCase
     assert_dom_equal %(<div class="green">Hello world!</div>), _erbout
   end
   
+  def test_content_tag_with_block_and_options_outside_of_action_view
+    assert_equal content_tag("a", "Create", :href => "create"),
+                 content_tag("a", "href" => "create") { "Create" }    
+  end
+  
   def test_cdata_section
     assert_equal "<![CDATA[<hello world>]]>", cdata_section("<hello world>")
   end
@@ -66,4 +73,8 @@ class TagHelperTest < Test::Unit::TestCase
       assert_equal %(<a href="#{escaped.gsub /&/, '&amp;'}" />), tag('a', :href => escaped)
     end
   end
+
+  def test_disable_escaping
+    assert_equal '<a href="&amp;" />', tag('a', { :href => '&amp;' }, false, false)
+  end
 end

data/test/template/text_helper_test.rb

@@ -1,11 +1,11 @@
-require File.dirname(__FILE__) + '/../abstract_unit'
+require "#{File.dirname(__FILE__)}/../abstract_unit"
 require "#{File.dirname(__FILE__)}/../testing_sandbox"
 
 class TextHelperTest < Test::Unit::TestCase
   include ActionView::Helpers::TextHelper
   include ActionView::Helpers::TagHelper
   include TestingSandbox
-  
+
   def setup
     # This simulates the fact that instance variables are reset every time
     # a view is rendered.  The cycle helper depends on this behavior.
@@ -31,6 +31,11 @@ class TextHelperTest < Test::Unit::TestCase
     assert_equal "Hello Wor...", truncate("Hello World!!", 12)
   end
 
+  def test_truncate_should_use_default_length_of_30
+    str = "This is a string that will go longer then the default truncate length of 30"
+    assert_equal str[0...27] + "...", truncate(str)
+  end
+
   def test_truncate_multibyte
     with_kcode 'none' do
       assert_equal "\354\225\210\353\205\225\355...", truncate("\354\225\210\353\205\225\355\225\230\354\204\270\354\232\224", 10) 
@@ -41,10 +46,6 @@ class TextHelperTest < Test::Unit::TestCase
     end
   end
   
-  def test_strip_links
-    assert_equal "on my mind\nall day long", strip_links("<a href='almost'>on my mind</a>\n<A href='almost'>all day long</A>")
-  end
-
   def test_highlighter
     assert_equal(
       "This is a <strong class=\"highlight\">beautiful</strong> morning",
@@ -65,6 +66,8 @@ class TextHelperTest < Test::Unit::TestCase
       "This text is not changed because we supplied an empty phrase",
       highlight("This text is not changed because we supplied an empty phrase", nil)
     )
+
+    assert_equal '   ', highlight('   ', 'blank text is returned verbatim')
   end
 
   def test_highlighter_with_regexp
@@ -84,6 +87,10 @@ class TextHelperTest < Test::Unit::TestCase
     )
   end
 
+  def test_highlighting_multiple_phrases_in_one_pass
+    assert_equal %(<em>wow</em> <em>em</em>), highlight('wow em', %w(wow em), '<em>\1</em>')
+  end
+
   def test_excerpt
     assert_equal("...is a beautiful morni...", excerpt("This is a beautiful morning", "beautiful", 5))
     assert_equal("This is a...", excerpt("This is a beautiful morning", "this", 5))
@@ -109,6 +116,10 @@ class TextHelperTest < Test::Unit::TestCase
     assert_equal("my very very\nvery long\nstring", word_wrap("my very very very long string", 15))
   end
 
+  def test_word_wrap_with_extra_newlines
+    assert_equal("my very very\nvery long\nstring\n\nwith another\nline", word_wrap("my very very very long string\n\nwith another line", 15))
+  end
+
   def test_pluralization
     assert_equal("1 count", pluralize(1, "count"))
     assert_equal("2 counts", pluralize(2, "count"))
@@ -117,6 +128,20 @@ class TextHelperTest < Test::Unit::TestCase
     assert_equal("1,066 counts", pluralize('1,066', "count"))
     assert_equal("1.25 counts", pluralize('1.25', "count"))
     assert_equal("2 counters", pluralize(2, "count", "counters"))
+    assert_equal("0 counters", pluralize(nil, "count", "counters"))
+    assert_equal("2 people", pluralize(2, "person"))
+    assert_equal("10 buffaloes", pluralize(10, "buffalo")) 
+  end
+
+  uses_mocha("should_just_add_s_for_pluralize_without_inflector_loaded") do
+    def test_should_just_add_s_for_pluralize_without_inflector_loaded
+      Object.expects(:const_defined?).with("Inflector").times(4).returns(false)
+      assert_equal("1 count", pluralize(1, "count"))
+      assert_equal("2 persons", pluralize(2, "person"))
+      assert_equal("2 personss", pluralize("2", "persons"))
+      assert_equal("2 counts", pluralize(2, "count"))
+      assert_equal("10 buffalos", pluralize(10, "buffalo"))
+    end
   end
 
   def test_auto_link_parsing
@@ -132,6 +157,7 @@ class TextHelperTest < Test::Unit::TestCase
               http://www.rubyonrails.com/contact;new?with=query&string=params
               http://www.rubyonrails.com/~minam/contact;new?with=query&string=params
               http://en.wikipedia.org/wiki/Wikipedia:Today%27s_featured_picture_%28animation%29/January_20%2C_2007
+              http://www.mail-archive.com/rails@lists.rubyonrails.org/
             )
 
     urls.each do |url|
@@ -142,6 +168,8 @@ class TextHelperTest < Test::Unit::TestCase
   def test_auto_linking
     email_raw    = 'david@loudthinking.com'
     email_result = %{<a href="mailto:#{email_raw}">#{email_raw}</a>}
+    email2_raw    = '+david@loudthinking.com'
+    email2_result = %{<a href="mailto:#{email2_raw}">#{email2_raw}</a>}
     link_raw     = 'http://www.rubyonrails.com'
     link_result  = %{<a href="#{link_raw}">#{link_raw}</a>}
     link_result_with_options  = %{<a href="#{link_raw}" target="_blank">#{link_raw}</a>}
@@ -161,6 +189,8 @@ class TextHelperTest < Test::Unit::TestCase
     link8_result = %{<a href="#{link8_raw}">#{link8_raw}</a>}
     link9_raw    = 'http://business.timesonline.co.uk/article/0,,9065-2473189,00.html'
     link9_result = %{<a href="#{link9_raw}">#{link9_raw}</a>}
+    link10_raw    = 'http://www.mail-archive.com/ruby-talk@ruby-lang.org/'
+    link10_result = %{<a href="#{link10_raw}">#{link10_raw}</a>}
 
     assert_equal %(hello #{email_result}), auto_link("hello #{email_raw}", :email_addresses)
     assert_equal %(Go to #{link_result}), auto_link("Go to #{link_raw}", :urls)
@@ -200,6 +230,8 @@ class TextHelperTest < Test::Unit::TestCase
     assert_equal %(<p>#{link9_result} Link</p>), auto_link("<p>#{link9_raw} Link</p>")
     assert_equal %(Go to #{link9_result}.), auto_link(%(Go to #{link9_raw}.))
     assert_equal %(<p>Go to #{link9_result}. seriously, #{link9_result}? i think I'll say hello to #{email_result}. instead.</p>), auto_link(%(<p>Go to #{link9_raw}. seriously, #{link9_raw}? i think I'll say hello to #{email_raw}. instead.</p>))
+    assert_equal %(<p>#{link10_result} Link</p>), auto_link("<p>#{link10_raw} Link</p>")
+    assert_equal email2_result, auto_link(email2_raw)
     assert_equal '', auto_link(nil)
     assert_equal '', auto_link('')
   end
@@ -218,42 +250,6 @@ class TextHelperTest < Test::Unit::TestCase
     assert_equal %(<p><a href="#{url}">#{url[0...7]}...</a><br /><a href="mailto:#{email}">#{email[0...7]}...</a><br /></p>), auto_link("<p>#{url}<br />#{email}<br /></p>") { |url| truncate(url, 10) }
   end
 
-  def test_sanitize_form
-    raw = "<form action=\"/foo/bar\" method=\"post\"><input></form>"
-    result = sanitize(raw)
-    assert_equal %(&lt;form action="/foo/bar" method="post"><input>&lt;/form>), result
-  end
-
-  def test_sanitize_plaintext
-    raw = "<plaintext><span>foo</span></plaintext>"
-    result = sanitize(raw)
-    assert_equal "&lt;plaintext><span>foo</span>&lt;/plaintext>", result
-  end
-
-  def test_sanitize_script
-    raw = "<script language=\"Javascript\">blah blah blah</script>"
-    result = sanitize(raw)
-    assert_equal %(&lt;script language="Javascript">blah blah blah&lt;/script>), result
-  end
-
-  def test_sanitize_js_handlers
-    raw = %{onthis="do that" <a href="#" onclick="hello" name="foo" onbogus="remove me">hello</a>}
-    result = sanitize(raw)
-    assert_equal %{onthis="do that" <a name="foo" href="#">hello</a>}, result
-  end
-
-  def test_sanitize_javascript_href
-    raw = %{href="javascript:bang" <a href="javascript:bang" name="hello">foo</a>, <span href="javascript:bang">bar</span>}
-    result = sanitize(raw)
-    assert_equal %{href="javascript:bang" <a name="hello">foo</a>, <span>bar</span>}, result
-  end
-  
-  def test_sanitize_image_src
-    raw = %{src="javascript:bang" <img src="javascript:bang" width="5">foo</img>, <span src="javascript:bang">bar</span>}
-    result = sanitize(raw)
-    assert_equal %{src="javascript:bang" <img width="5">foo</img>, <span>bar</span>}, result
-  end
-  
   def test_cycle_class
     value = Cycle.new("one", 2, "3")
     assert_equal("one", value.to_s)
@@ -336,14 +332,4 @@ class TextHelperTest < Test::Unit::TestCase
     assert_equal("red", cycle("red", "blue"))
     assert_equal(%w{Specialized Fuji Giant}, @cycles)
   end
-
-  def test_strip_tags
-    assert_equal("This is a test.", strip_tags("<p>This <u>is<u> a <a href='test.html'><strong>test</strong></a>.</p>"))
-    assert_equal("This is a test.", strip_tags("This is a test."))
-    assert_equal(
-    %{This is a test.\n\n\nIt no longer contains any HTML.\n}, strip_tags(
-    %{<title>This is <b>a <a href="" target="_blank">test</a></b>.</title>\n\n<!-- it has a comment -->\n\n<p>It no <b>longer <strong>contains <em>any <strike>HTML</strike></em>.</strong></b></p>\n}))
-    assert_equal "This has a  here.", strip_tags("This has a <!-- comment --> here.")
-    [nil, '', '   '].each { |blank| assert_equal blank, strip_tags(blank) }
-  end
 end

data/test/template/url_helper_test.rb

@@ -1,10 +1,6 @@
-require File.dirname(__FILE__) + '/../abstract_unit'
+require "#{File.dirname(__FILE__)}/../abstract_unit"
 
-require File.dirname(__FILE__) + '/../../lib/action_view/helpers/url_helper'
-require File.dirname(__FILE__) + '/../../lib/action_view/helpers/asset_tag_helper'
-require File.dirname(__FILE__) + '/../../lib/action_view/helpers/tag_helper'
-
-RequestMock = Struct.new("Request", :request_uri, :protocol, :host_with_port)
+RequestMock = Struct.new("Request", :request_uri, :protocol, :host_with_port, :env)
 
 class UrlHelperTest < Test::Unit::TestCase
   include ActionView::Helpers::AssetTagHelper
@@ -14,14 +10,14 @@ class UrlHelperTest < Test::Unit::TestCase
   def setup
     @controller = Class.new do
       attr_accessor :url, :request
-      def url_for(options, *parameters_for_method_reference)
+      def url_for(options)
         url
       end
     end
     @controller = @controller.new
     @controller.url = "http://www.example.com"
   end
-  
+
   def test_url_for_escapes_urls
     @controller.url = "http://www.example.com?a=b&c=d"
     assert_equal "http://www.example.com?a=b&amp;c=d", url_for(:a => 'b', :c => 'd')
@@ -29,6 +25,11 @@ class UrlHelperTest < Test::Unit::TestCase
     assert_equal "http://www.example.com?a=b&c=d", url_for(:a => 'b', :c => 'd', :escape => false)
   end
 
+  def test_url_for_escapes_url_once
+    @controller.url = "http://www.example.com?a=b&amp;c=d"
+    assert_equal "http://www.example.com?a=b&amp;c=d", url_for("http://www.example.com?a=b&amp;c=d")
+  end
+
   # todo: missing test cases
   def test_button_to_with_straight_url
     assert_dom_equal "<form method=\"post\" action=\"http://www.example.com\" class=\"button-to\"><div><input type=\"submit\" value=\"Hello\" /></div></form>", button_to("Hello", "http://www.example.com")
@@ -63,14 +64,14 @@ class UrlHelperTest < Test::Unit::TestCase
       button_to("Hello", "http://www.example.com", :disabled => true)
     )
   end
-  
+
   def test_button_to_with_method_delete
     assert_dom_equal(
       "<form method=\"post\" action=\"http://www.example.com\" class=\"button-to\"><div><input type=\"hidden\" name=\"_method\" value=\"delete\" /><input type=\"submit\" value=\"Hello\" /></div></form>",
       button_to("Hello", "http://www.example.com", :method => :delete)
     )
   end
-  
+
   def test_button_to_with_method_get
     assert_dom_equal(
       "<form method=\"get\" action=\"http://www.example.com\" class=\"button-to\"><div><input type=\"submit\" value=\"Hello\" /></div></form>",
@@ -81,6 +82,24 @@ class UrlHelperTest < Test::Unit::TestCase
   def test_link_tag_with_straight_url
     assert_dom_equal "<a href=\"http://www.example.com\">Hello</a>", link_to("Hello", "http://www.example.com")
   end
+  
+  def test_link_tag_without_host_option
+    ActionController::Base.class_eval { attr_accessor :url }
+    url = {:controller => 'weblog', :action => 'show'}
+    @controller = ActionController::Base.new
+    @controller.request = ActionController::TestRequest.new
+    @controller.url = ActionController::UrlRewriter.new(@controller.request, url)
+    assert_dom_equal(%q{<a href="/weblog/show">Test Link</a>}, link_to('Test Link', url))
+  end
+
+  def test_link_tag_with_host_option
+    ActionController::Base.class_eval { attr_accessor :url }
+    url = {:controller => 'weblog', :action => 'show', :host => 'www.example.com'}
+    @controller = ActionController::Base.new
+    @controller.request = ActionController::TestRequest.new
+    @controller.url = ActionController::UrlRewriter.new(@controller.request, url)
+    assert_dom_equal(%q{<a href="http://www.example.com/weblog/show">Test Link</a>}, link_to('Test Link', url))
+  end
 
   def test_link_tag_with_query
     assert_dom_equal "<a href=\"http://www.example.com?q1=v1&amp;q2=v2\">Hello</a>", link_to("Hello", "http://www.example.com?q1=v1&amp;q2=v2")
@@ -90,6 +109,26 @@ class UrlHelperTest < Test::Unit::TestCase
     assert_dom_equal "<a href=\"http://www.example.com?q1=v1&amp;q2=v2\">http://www.example.com?q1=v1&amp;q2=v2</a>", link_to(nil, "http://www.example.com?q1=v1&amp;q2=v2")
   end
 
+  def test_link_tag_with_back
+    @controller.request = RequestMock.new("http://www.example.com/weblog/show", nil, nil, {'HTTP_REFERER' => 'http://www.example.com/referer'})
+    assert_dom_equal "<a href=\"http://www.example.com/referer\">go back</a>", link_to('go back', :back)
+  end
+
+  def test_link_tag_with_back_and_no_referer
+    @controller.request = RequestMock.new("http://www.example.com/weblog/show", nil, nil, {})
+    assert_dom_equal "<a href=\"javascript:history.back()\">go back</a>", link_to('go back', :back)
+  end
+
+  def test_link_tag_with_back
+    @controller.request = RequestMock.new("http://www.example.com/weblog/show", nil, nil, {'HTTP_REFERER' => 'http://www.example.com/referer'})
+    assert_dom_equal "<a href=\"http://www.example.com/referer\">go back</a>", link_to('go back', :back)
+  end
+  
+  def test_link_tag_with_back_and_no_referer
+    @controller.request = RequestMock.new("http://www.example.com/weblog/show", nil, nil, {})
+    assert_dom_equal "<a href=\"javascript:history.back()\">go back</a>", link_to('go back', :back)
+  end
+
   def test_link_tag_with_img
     assert_dom_equal "<a href=\"http://www.example.com\"><img src='/favicon.jpg' /></a>", link_to("<img src='/favicon.jpg' />", "http://www.example.com")
   end
@@ -101,18 +140,18 @@ class UrlHelperTest < Test::Unit::TestCase
   def test_link_tag_with_custom_onclick
     assert_dom_equal "<a href=\"http://www.example.com\" onclick=\"alert('yay!')\">Hello</a>", link_to("Hello", "http://www.example.com", :onclick => "alert('yay!')")
   end
-  
+
   def test_link_tag_with_javascript_confirm
     assert_dom_equal(
       "<a href=\"http://www.example.com\" onclick=\"return confirm('Are you sure?');\">Hello</a>",
       link_to("Hello", "http://www.example.com", :confirm => "Are you sure?")
     )
     assert_dom_equal(
-      "<a href=\"http://www.example.com\" onclick=\"return confirm('You can\\'t possibly be sure, can you?');\">Hello</a>", 
+      "<a href=\"http://www.example.com\" onclick=\"return confirm('You can\\'t possibly be sure, can you?');\">Hello</a>",
       link_to("Hello", "http://www.example.com", :confirm => "You can't possibly be sure, can you?")
     )
     assert_dom_equal(
-      "<a href=\"http://www.example.com\" onclick=\"return confirm('You can\\'t possibly be sure,\\n can you?');\">Hello</a>", 
+      "<a href=\"http://www.example.com\" onclick=\"return confirm('You can\\'t possibly be sure,\\n can you?');\">Hello</a>",
       link_to("Hello", "http://www.example.com", :confirm => "You can't possibly be sure,\n can you?")
     )
   end
@@ -123,15 +162,15 @@ class UrlHelperTest < Test::Unit::TestCase
       link_to("Hello", "http://www.example.com", :popup => true)
     )
     assert_dom_equal(
-      "<a href=\"http://www.example.com\" onclick=\"window.open(this.href);return false;\">Hello</a>", 
+      "<a href=\"http://www.example.com\" onclick=\"window.open(this.href);return false;\">Hello</a>",
       link_to("Hello", "http://www.example.com", :popup => 'true')
     )
     assert_dom_equal(
-      "<a href=\"http://www.example.com\" onclick=\"window.open(this.href,'window_name','width=300,height=300');return false;\">Hello</a>", 
+      "<a href=\"http://www.example.com\" onclick=\"window.open(this.href,'window_name','width=300,height=300');return false;\">Hello</a>",
       link_to("Hello", "http://www.example.com", :popup => ['window_name', 'width=300,height=300'])
     )
   end
-  
+
   def test_link_tag_with_popup_and_javascript_confirm
     assert_dom_equal(
       "<a href=\"http://www.example.com\" onclick=\"if (confirm('Fo\\' sho\\'?')) { window.open(this.href); };return false;\">Hello</a>",
@@ -142,16 +181,7 @@ class UrlHelperTest < Test::Unit::TestCase
       link_to("Hello", "http://www.example.com", { :popup => ['window_name', 'width=300,height=300'], :confirm => "Are you serious?" })
     )
   end
-  
-  def test_link_tag_with_post_is_deprecated
-    assert_deprecated 'post' do
-      assert_dom_equal(
-        "<a href='http://www.example.com' onclick=\"var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = this.href;f.submit();return false;\">Hello</a>",
-        link_to("Hello", "http://www.example.com", :post => true)
-      )
-    end
-  end
-  
+
   def test_link_tag_using_post_javascript
     assert_dom_equal(
       "<a href='http://www.example.com' onclick=\"var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = this.href;f.submit();return false;\">Hello</a>",
@@ -165,14 +195,21 @@ class UrlHelperTest < Test::Unit::TestCase
       link_to("Destroy", "http://www.example.com", :method => :delete)
     )
   end
-  
+
+  def test_link_tag_using_delete_javascript_and_href
+    assert_dom_equal(
+      "<a href='\#' onclick=\"var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = 'http://www.example.com';var m = document.createElement('input'); m.setAttribute('type', 'hidden'); m.setAttribute('name', '_method'); m.setAttribute('value', 'delete'); f.appendChild(m);f.submit();return false;\">Destroy</a>",
+      link_to("Destroy", "http://www.example.com", :method => :delete, :href => '#')
+    )
+  end
+
   def test_link_tag_using_post_javascript_and_confirm
     assert_dom_equal(
       "<a href=\"http://www.example.com\" onclick=\"if (confirm('Are you serious?')) { var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = this.href;f.submit(); };return false;\">Hello</a>",
       link_to("Hello", "http://www.example.com", :method => :post, :confirm => "Are you serious?")
-    )    
+    )
   end
-  
+
   def test_link_tag_using_post_javascript_and_popup
     assert_raises(ActionView::ActionViewError) { link_to("Hello", "http://www.example.com", :popup => true, :method => :post, :confirm => "Are you serious?") }
   end
@@ -181,17 +218,17 @@ class UrlHelperTest < Test::Unit::TestCase
     assert_equal "Showing", link_to_unless(true, "Showing", :action => "show", :controller => "weblog")
     assert_dom_equal "<a href=\"http://www.example.com\">Listing</a>", link_to_unless(false, "Listing", :action => "list", :controller => "weblog")
     assert_equal "Showing", link_to_unless(true, "Showing", :action => "show", :controller => "weblog", :id => 1)
-    assert_equal "<strong>Showing</strong>", link_to_unless(true, "Showing", :action => "show", :controller => "weblog", :id => 1) { |name, options, html_options, *parameters_for_method_reference|
+    assert_equal "<strong>Showing</strong>", link_to_unless(true, "Showing", :action => "show", :controller => "weblog", :id => 1) { |name, options, html_options|
       "<strong>#{name}</strong>"
     }
     assert_equal "<strong>Showing</strong>", link_to_unless(true, "Showing", :action => "show", :controller => "weblog", :id => 1) { |name|
       "<strong>#{name}</strong>"
-    }    
+    }
     assert_equal "test", link_to_unless(true, "Showing", :action => "show", :controller => "weblog", :id => 1) {
       "test"
-    }    
+    }
   end
-  
+
   def test_link_to_if
     assert_equal "Showing", link_to_if(false, "Showing", :action => "show", :controller => "weblog")
     assert_dom_equal "<a href=\"http://www.example.com\">Listing</a>", link_to_if(true, "Listing", :action => "list", :controller => "weblog")
@@ -226,41 +263,46 @@ class UrlHelperTest < Test::Unit::TestCase
   def test_mail_to_with_javascript
     assert_dom_equal "<script type=\"text/javascript\">eval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%64%6f%6d%61%69%6e%2e%63%6f%6d%22%3e%4d%79%20%65%6d%61%69%6c%3c%2f%61%3e%27%29%3b'))</script>", mail_to("me@domain.com", "My email", :encode => "javascript")
   end
-  
+
   def test_mail_with_options
     assert_dom_equal(
       %(<a href="mailto:me@example.com?cc=ccaddress%40example.com&amp;bcc=bccaddress%40example.com&amp;body=This%20is%20the%20body%20of%20the%20message.&amp;subject=This%20is%20an%20example%20email">My email</a>),
       mail_to("me@example.com", "My email", :cc => "ccaddress@example.com", :bcc => "bccaddress@example.com", :subject => "This is an example email", :body => "This is the body of the message.")
     )
   end
-  
+
   def test_mail_to_with_img
     assert_dom_equal %(<a href="mailto:feedback@example.com"><img src="/feedback.png" /></a>), mail_to('feedback@example.com', '<img src="/feedback.png" />')
   end
 
   def test_mail_to_with_hex
-    assert_dom_equal "<a href=\"mailto:%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">My email</a>", mail_to("me@domain.com", "My email", :encode => "hex")
+    assert_dom_equal "<a href=\"&#109;&#97;&#105;&#108;&#116;&#111;&#58;%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">My email</a>", mail_to("me@domain.com", "My email", :encode => "hex")
+    assert_dom_equal "<a href=\"&#109;&#97;&#105;&#108;&#116;&#111;&#58;%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">&#109;&#101;&#64;&#100;&#111;&#109;&#97;&#105;&#110;&#46;&#99;&#111;&#109;</a>", mail_to("me@domain.com", nil, :encode => "hex")
   end
 
   def test_mail_to_with_replace_options
     assert_dom_equal "<a href=\"mailto:wolfgang@stufenlos.net\">wolfgang(at)stufenlos(dot)net</a>", mail_to("wolfgang@stufenlos.net", nil, :replace_at => "(at)", :replace_dot => "(dot)")
-    assert_dom_equal "<a href=\"mailto:%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">me(at)domain.com</a>", mail_to("me@domain.com", nil, :encode => "hex", :replace_at => "(at)")
-    assert_dom_equal "<a href=\"mailto:%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">My email</a>", mail_to("me@domain.com", "My email", :encode => "hex", :replace_at => "(at)")
-    assert_dom_equal "<a href=\"mailto:%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">me(at)domain(dot)com</a>", mail_to("me@domain.com", nil, :encode => "hex", :replace_at => "(at)", :replace_dot => "(dot)")
+    assert_dom_equal "<a href=\"&#109;&#97;&#105;&#108;&#116;&#111;&#58;%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">&#109;&#101;&#40;&#97;&#116;&#41;&#100;&#111;&#109;&#97;&#105;&#110;&#46;&#99;&#111;&#109;</a>", mail_to("me@domain.com", nil, :encode => "hex", :replace_at => "(at)")
+    assert_dom_equal "<a href=\"&#109;&#97;&#105;&#108;&#116;&#111;&#58;%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">My email</a>", mail_to("me@domain.com", "My email", :encode => "hex", :replace_at => "(at)")
+    assert_dom_equal "<a href=\"&#109;&#97;&#105;&#108;&#116;&#111;&#58;%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">&#109;&#101;&#40;&#97;&#116;&#41;&#100;&#111;&#109;&#97;&#105;&#110;&#40;&#100;&#111;&#116;&#41;&#99;&#111;&#109;</a>", mail_to("me@domain.com", nil, :encode => "hex", :replace_at => "(at)", :replace_dot => "(dot)")
     assert_dom_equal "<script type=\"text/javascript\">eval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%64%6f%6d%61%69%6e%2e%63%6f%6d%22%3e%4d%79%20%65%6d%61%69%6c%3c%2f%61%3e%27%29%3b'))</script>", mail_to("me@domain.com", "My email", :encode => "javascript", :replace_at => "(at)", :replace_dot => "(dot)")
   end
+  
+  def protect_against_forgery?
+    false
+  end
 end
 
 class UrlHelperWithControllerTest < Test::Unit::TestCase
   class UrlHelperController < ActionController::Base
-    self.template_root = "#{File.dirname(__FILE__)}/../fixtures/"
+    self.view_paths = [ "#{File.dirname(__FILE__)}/../fixtures/" ]
 
     def self.controller_path; 'url_helper_with_controller' end
 
     def show_url_for
       render :inline => "<%= url_for :controller => 'url_helper_with_controller', :action => 'show_url_for' %>"
     end
-    
+
     def show_named_route
       render :inline => "<%= show_named_route_#{params[:kind]} %>"
     end
@@ -275,26 +317,26 @@ class UrlHelperWithControllerTest < Test::Unit::TestCase
     @response   = ActionController::TestResponse.new
     @controller = UrlHelperController.new
   end
-  
+
   def test_url_for_shows_only_path
     get :show_url_for
     assert_equal '/url_helper_with_controller/show_url_for', @response.body
   end
-  
+
   def test_named_route_shows_host_and_path
     with_url_helper_routing do
       get :show_named_route, :kind => 'url'
       assert_equal 'http://test.host/url_helper_with_controller/show_named_route', @response.body
     end
   end
-  
+
   def test_named_route_path_shows_only_path
     with_url_helper_routing do
       get :show_named_route, :kind => 'path'
       assert_equal '/url_helper_with_controller/show_named_route', @response.body
     end
   end
-  
+
   protected
     def with_url_helper_routing
       with_routing do |set|
@@ -308,7 +350,7 @@ end
 
 class LinkToUnlessCurrentWithControllerTest < Test::Unit::TestCase
   class TasksController < ActionController::Base
-    self.template_root = "#{File.dirname(__FILE__)}/../fixtures/"
+    self.view_paths = ["#{File.dirname(__FILE__)}/../fixtures/"]
 
     def self.controller_path; 'tasks' end
 
@@ -364,3 +406,131 @@ class LinkToUnlessCurrentWithControllerTest < Test::Unit::TestCase
       end
     end
 end
+
+
+class Workshop
+  attr_accessor :id, :new_record
+
+  def initialize(id, new_record)
+    @id, @new_record = id, new_record
+  end
+  
+  def new_record?
+    @new_record
+  end
+  
+  def to_s
+    id.to_s
+  end
+end
+
+class Session
+  attr_accessor :id, :workshop_id, :new_record
+
+  def initialize(id, new_record)
+    @id, @new_record = id, new_record
+  end
+
+  def new_record?
+    @new_record
+  end
+
+  def to_s
+    id.to_s
+  end
+end
+
+class PolymorphicControllerTest < Test::Unit::TestCase
+  class WorkshopsController < ActionController::Base
+    self.view_paths = ["#{File.dirname(__FILE__)}/../fixtures/"]
+
+    def self.controller_path; 'workshops' end
+
+    def index
+      @workshop = Workshop.new(1, true)
+      render :inline => "<%= url_for(@workshop) %>\n<%= link_to('Workshop', @workshop) %>"
+    end
+
+    def show
+      @workshop = Workshop.new(params[:id], false)
+      render :inline => "<%= url_for(@workshop) %>\n<%= link_to('Workshop', @workshop) %>"
+    end
+
+    def rescue_action(e) raise e end
+  end
+
+  class SessionsController < ActionController::Base
+    self.view_paths = ["#{File.dirname(__FILE__)}/../fixtures/"]
+
+    def self.controller_path; 'sessions' end
+
+    def index
+      @workshop = Workshop.new(params[:workshop_id], false)
+      @session = Session.new(1, true)
+      render :inline => "<%= url_for([@workshop, @session]) %>\n<%= link_to('Session', [@workshop, @session]) %>"
+    end
+
+    def show
+      @workshop = Workshop.new(params[:workshop_id], false)
+      @session = Session.new(params[:id], false)
+      render :inline => "<%= url_for([@workshop, @session]) %>\n<%= link_to('Session', [@workshop, @session]) %>"
+    end
+
+    def rescue_action(e) raise e end
+  end
+
+  include ActionView::Helpers::UrlHelper
+
+  def setup
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  def test_new_resource
+    @controller = WorkshopsController.new
+
+    with_restful_routing do
+      get :index
+      assert_equal "/workshops\n<a href=\"/workshops\">Workshop</a>", @response.body
+    end
+  end
+
+  def test_existing_resource
+    @controller = WorkshopsController.new
+
+    with_restful_routing do
+      get :show, :id => 1
+      assert_equal "/workshops/1\n<a href=\"/workshops/1\">Workshop</a>", @response.body
+    end
+  end
+
+  def test_new_nested_resource
+    @controller = SessionsController.new
+
+    with_restful_routing do
+      get :index, :workshop_id => 1
+      assert_equal "/workshops/1/sessions\n<a href=\"/workshops/1/sessions\">Session</a>", @response.body
+    end
+  end
+
+  def test_existing_nested_resource
+    @controller = SessionsController.new
+
+    with_restful_routing do
+      get :show, :workshop_id => 1, :id => 1
+      assert_equal "/workshops/1/sessions/1\n<a href=\"/workshops/1/sessions/1\">Session</a>", @response.body
+    end
+  end
+
+  protected
+    def with_restful_routing
+      with_routing do |set|
+        set.draw do |map|
+          map.resources :workshops do |w|
+            w.resources :sessions
+          end
+        end
+        yield
+      end
+    end
+end