actionpack_csi 2.3.5.p6
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG +5184 -0
- data/MIT-LICENSE +21 -0
- data/README +409 -0
- data/RUNNING_UNIT_TESTS +24 -0
- data/Rakefile +160 -0
- data/install.rb +30 -0
- data/lib/action_controller/assertions/dom_assertions.rb +55 -0
- data/lib/action_controller/assertions/model_assertions.rb +21 -0
- data/lib/action_controller/assertions/response_assertions.rb +160 -0
- data/lib/action_controller/assertions/routing_assertions.rb +146 -0
- data/lib/action_controller/assertions/selector_assertions.rb +638 -0
- data/lib/action_controller/assertions/tag_assertions.rb +127 -0
- data/lib/action_controller/base.rb +1423 -0
- data/lib/action_controller/benchmarking.rb +107 -0
- data/lib/action_controller/caching/actions.rb +177 -0
- data/lib/action_controller/caching/fragments.rb +120 -0
- data/lib/action_controller/caching/pages.rb +152 -0
- data/lib/action_controller/caching/sweeper.rb +45 -0
- data/lib/action_controller/caching/sweeping.rb +55 -0
- data/lib/action_controller/caching.rb +71 -0
- data/lib/action_controller/cgi_ext/cookie.rb +112 -0
- data/lib/action_controller/cgi_ext/query_extension.rb +22 -0
- data/lib/action_controller/cgi_ext/stdinput.rb +24 -0
- data/lib/action_controller/cgi_ext.rb +15 -0
- data/lib/action_controller/cgi_process.rb +77 -0
- data/lib/action_controller/cookies.rb +95 -0
- data/lib/action_controller/dispatcher.rb +133 -0
- data/lib/action_controller/failsafe.rb +86 -0
- data/lib/action_controller/filters.rb +680 -0
- data/lib/action_controller/flash.rb +171 -0
- data/lib/action_controller/headers.rb +33 -0
- data/lib/action_controller/helpers.rb +225 -0
- data/lib/action_controller/http_authentication.rb +309 -0
- data/lib/action_controller/integration.rb +692 -0
- data/lib/action_controller/layout.rb +286 -0
- data/lib/action_controller/middleware_stack.rb +119 -0
- data/lib/action_controller/middlewares.rb +14 -0
- data/lib/action_controller/mime_responds.rb +193 -0
- data/lib/action_controller/mime_type.rb +212 -0
- data/lib/action_controller/mime_types.rb +21 -0
- data/lib/action_controller/params_parser.rb +77 -0
- data/lib/action_controller/performance_test.rb +15 -0
- data/lib/action_controller/polymorphic_routes.rb +189 -0
- data/lib/action_controller/rack_lint_patch.rb +36 -0
- data/lib/action_controller/record_identifier.rb +104 -0
- data/lib/action_controller/reloader.rb +54 -0
- data/lib/action_controller/request.rb +493 -0
- data/lib/action_controller/request_forgery_protection.rb +113 -0
- data/lib/action_controller/rescue.rb +183 -0
- data/lib/action_controller/resources.rb +682 -0
- data/lib/action_controller/response.rb +239 -0
- data/lib/action_controller/routing/builder.rb +197 -0
- data/lib/action_controller/routing/optimisations.rb +130 -0
- data/lib/action_controller/routing/recognition_optimisation.rb +167 -0
- data/lib/action_controller/routing/route.rb +265 -0
- data/lib/action_controller/routing/route_set.rb +502 -0
- data/lib/action_controller/routing/routing_ext.rb +49 -0
- data/lib/action_controller/routing/segments.rb +343 -0
- data/lib/action_controller/routing.rb +388 -0
- data/lib/action_controller/session/abstract_store.rb +181 -0
- data/lib/action_controller/session/cookie_store.rb +221 -0
- data/lib/action_controller/session/mem_cache_store.rb +51 -0
- data/lib/action_controller/session_management.rb +54 -0
- data/lib/action_controller/status_codes.rb +88 -0
- data/lib/action_controller/streaming.rb +181 -0
- data/lib/action_controller/string_coercion.rb +29 -0
- data/lib/action_controller/templates/rescues/_request_and_response.erb +24 -0
- data/lib/action_controller/templates/rescues/_trace.erb +26 -0
- data/lib/action_controller/templates/rescues/diagnostics.erb +11 -0
- data/lib/action_controller/templates/rescues/layout.erb +29 -0
- data/lib/action_controller/templates/rescues/missing_template.erb +2 -0
- data/lib/action_controller/templates/rescues/routing_error.erb +10 -0
- data/lib/action_controller/templates/rescues/template_error.erb +21 -0
- data/lib/action_controller/templates/rescues/unknown_action.erb +2 -0
- data/lib/action_controller/test_case.rb +209 -0
- data/lib/action_controller/test_process.rb +580 -0
- data/lib/action_controller/translation.rb +13 -0
- data/lib/action_controller/uploaded_file.rb +44 -0
- data/lib/action_controller/url_rewriter.rb +216 -0
- data/lib/action_controller/vendor/html-scanner/html/document.rb +68 -0
- data/lib/action_controller/vendor/html-scanner/html/node.rb +537 -0
- data/lib/action_controller/vendor/html-scanner/html/sanitizer.rb +173 -0
- data/lib/action_controller/vendor/html-scanner/html/selector.rb +828 -0
- data/lib/action_controller/vendor/html-scanner/html/tokenizer.rb +105 -0
- data/lib/action_controller/vendor/html-scanner/html/version.rb +11 -0
- data/lib/action_controller/vendor/html-scanner.rb +16 -0
- data/lib/action_controller/verification.rb +130 -0
- data/lib/action_controller.rb +113 -0
- data/lib/action_pack/version.rb +9 -0
- data/lib/action_pack.rb +24 -0
- data/lib/action_view/base.rb +362 -0
- data/lib/action_view/erb/util.rb +44 -0
- data/lib/action_view/helpers/active_record_helper.rb +305 -0
- data/lib/action_view/helpers/asset_tag_helper.rb +694 -0
- data/lib/action_view/helpers/atom_feed_helper.rb +198 -0
- data/lib/action_view/helpers/benchmark_helper.rb +54 -0
- data/lib/action_view/helpers/cache_helper.rb +39 -0
- data/lib/action_view/helpers/capture_helper.rb +136 -0
- data/lib/action_view/helpers/date_helper.rb +988 -0
- data/lib/action_view/helpers/debug_helper.rb +38 -0
- data/lib/action_view/helpers/form_helper.rb +1074 -0
- data/lib/action_view/helpers/form_options_helper.rb +600 -0
- data/lib/action_view/helpers/form_tag_helper.rb +487 -0
- data/lib/action_view/helpers/javascript_helper.rb +208 -0
- data/lib/action_view/helpers/number_helper.rb +308 -0
- data/lib/action_view/helpers/prototype_helper.rb +1305 -0
- data/lib/action_view/helpers/raw_output_helper.rb +9 -0
- data/lib/action_view/helpers/record_identification_helper.rb +20 -0
- data/lib/action_view/helpers/record_tag_helper.rb +58 -0
- data/lib/action_view/helpers/sanitize_helper.rb +259 -0
- data/lib/action_view/helpers/scriptaculous_helper.rb +226 -0
- data/lib/action_view/helpers/tag_helper.rb +150 -0
- data/lib/action_view/helpers/text_helper.rb +587 -0
- data/lib/action_view/helpers/translation_helper.rb +39 -0
- data/lib/action_view/helpers/url_helper.rb +639 -0
- data/lib/action_view/helpers.rb +59 -0
- data/lib/action_view/inline_template.rb +19 -0
- data/lib/action_view/locale/en.yml +117 -0
- data/lib/action_view/partials.rb +240 -0
- data/lib/action_view/paths.rb +69 -0
- data/lib/action_view/reloadable_template.rb +117 -0
- data/lib/action_view/renderable.rb +95 -0
- data/lib/action_view/renderable_partial.rb +47 -0
- data/lib/action_view/safe_buffer.rb +28 -0
- data/lib/action_view/template.rb +252 -0
- data/lib/action_view/template_error.rb +99 -0
- data/lib/action_view/template_handler.rb +34 -0
- data/lib/action_view/template_handlers/builder.rb +17 -0
- data/lib/action_view/template_handlers/erb.rb +22 -0
- data/lib/action_view/template_handlers/rjs.rb +13 -0
- data/lib/action_view/template_handlers.rb +48 -0
- data/lib/action_view/test_case.rb +162 -0
- data/lib/action_view.rb +58 -0
- data/lib/actionpack.rb +2 -0
- data/test/abstract_unit.rb +61 -0
- data/test/active_record_unit.rb +104 -0
- data/test/activerecord/active_record_store_test.rb +174 -0
- data/test/activerecord/render_partial_with_record_identification_test.rb +188 -0
- data/test/adv_attr_test.rb +20 -0
- data/test/controller/action_pack_assertions_test.rb +543 -0
- data/test/controller/addresses_render_test.rb +37 -0
- data/test/controller/assert_select_test.rb +734 -0
- data/test/controller/base_test.rb +217 -0
- data/test/controller/benchmark_test.rb +32 -0
- data/test/controller/caching_test.rb +729 -0
- data/test/controller/capture_test.rb +66 -0
- data/test/controller/content_type_test.rb +168 -0
- data/test/controller/controller_fixtures/app/controllers/admin/user_controller.rb +0 -0
- data/test/controller/controller_fixtures/app/controllers/user_controller.rb +0 -0
- data/test/controller/controller_fixtures/vendor/plugins/bad_plugin/lib/plugin_controller.rb +0 -0
- data/test/controller/cookie_test.rb +134 -0
- data/test/controller/deprecation/deprecated_base_methods_test.rb +32 -0
- data/test/controller/dispatcher_test.rb +144 -0
- data/test/controller/dom_assertions_test.rb +53 -0
- data/test/controller/failsafe_test.rb +60 -0
- data/test/controller/fake_controllers.rb +33 -0
- data/test/controller/fake_models.rb +19 -0
- data/test/controller/filter_params_test.rb +52 -0
- data/test/controller/filters_test.rb +885 -0
- data/test/controller/flash_test.rb +147 -0
- data/test/controller/header_test.rb +14 -0
- data/test/controller/helper_test.rb +224 -0
- data/test/controller/html-scanner/cdata_node_test.rb +15 -0
- data/test/controller/html-scanner/document_test.rb +148 -0
- data/test/controller/html-scanner/node_test.rb +89 -0
- data/test/controller/html-scanner/sanitizer_test.rb +274 -0
- data/test/controller/html-scanner/tag_node_test.rb +238 -0
- data/test/controller/html-scanner/text_node_test.rb +50 -0
- data/test/controller/html-scanner/tokenizer_test.rb +131 -0
- data/test/controller/http_basic_authentication_test.rb +113 -0
- data/test/controller/http_digest_authentication_test.rb +254 -0
- data/test/controller/integration_test.rb +483 -0
- data/test/controller/layout_test.rb +215 -0
- data/test/controller/logging_test.rb +46 -0
- data/test/controller/middleware_stack_test.rb +90 -0
- data/test/controller/mime_responds_test.rb +536 -0
- data/test/controller/mime_type_test.rb +93 -0
- data/test/controller/polymorphic_routes_test.rb +297 -0
- data/test/controller/rack_test.rb +311 -0
- data/test/controller/record_identifier_test.rb +139 -0
- data/test/controller/redirect_test.rb +285 -0
- data/test/controller/reloader_test.rb +124 -0
- data/test/controller/render_test.rb +1762 -0
- data/test/controller/request/json_params_parsing_test.rb +65 -0
- data/test/controller/request/multipart_params_parsing_test.rb +162 -0
- data/test/controller/request/query_string_parsing_test.rb +120 -0
- data/test/controller/request/test_request_test.rb +35 -0
- data/test/controller/request/url_encoded_params_parsing_test.rb +146 -0
- data/test/controller/request/xml_params_parsing_test.rb +103 -0
- data/test/controller/request_forgery_protection_test.rb +265 -0
- data/test/controller/request_test.rb +395 -0
- data/test/controller/rescue_test.rb +536 -0
- data/test/controller/resources_test.rb +1393 -0
- data/test/controller/routing_test.rb +2591 -0
- data/test/controller/selector_test.rb +628 -0
- data/test/controller/send_file_test.rb +171 -0
- data/test/controller/session/cookie_store_test.rb +216 -0
- data/test/controller/session/mem_cache_store_test.rb +127 -0
- data/test/controller/session/test_session_test.rb +58 -0
- data/test/controller/test_test.rb +700 -0
- data/test/controller/translation_test.rb +26 -0
- data/test/controller/url_rewriter_test.rb +385 -0
- data/test/controller/verification_test.rb +270 -0
- data/test/controller/view_paths_test.rb +141 -0
- data/test/controller/webservice_test.rb +273 -0
- data/test/fixtures/_top_level_partial.html.erb +1 -0
- data/test/fixtures/_top_level_partial_only.erb +1 -0
- data/test/fixtures/addresses/list.erb +1 -0
- data/test/fixtures/alternate_helpers/foo_helper.rb +3 -0
- data/test/fixtures/bad_customers/_bad_customer.html.erb +1 -0
- data/test/fixtures/companies.yml +24 -0
- data/test/fixtures/company.rb +10 -0
- data/test/fixtures/content_type/render_default_content_types_for_respond_to.rhtml +1 -0
- data/test/fixtures/content_type/render_default_for_rhtml.rhtml +1 -0
- data/test/fixtures/content_type/render_default_for_rjs.rjs +1 -0
- data/test/fixtures/content_type/render_default_for_rxml.rxml +1 -0
- data/test/fixtures/customers/_customer.html.erb +1 -0
- data/test/fixtures/db_definitions/sqlite.sql +49 -0
- data/test/fixtures/developer.rb +9 -0
- data/test/fixtures/developers/_developer.erb +1 -0
- data/test/fixtures/developers.yml +21 -0
- data/test/fixtures/developers_projects.yml +13 -0
- data/test/fixtures/failsafe/500.html +1 -0
- data/test/fixtures/fun/games/_game.erb +1 -0
- data/test/fixtures/fun/games/hello_world.erb +1 -0
- data/test/fixtures/fun/serious/games/_game.erb +1 -0
- data/test/fixtures/functional_caching/_partial.erb +3 -0
- data/test/fixtures/functional_caching/formatted_fragment_cached.html.erb +3 -0
- data/test/fixtures/functional_caching/formatted_fragment_cached.js.rjs +6 -0
- data/test/fixtures/functional_caching/formatted_fragment_cached.xml.builder +5 -0
- data/test/fixtures/functional_caching/fragment_cached.html.erb +2 -0
- data/test/fixtures/functional_caching/html_fragment_cached_with_partial.html.erb +1 -0
- data/test/fixtures/functional_caching/inline_fragment_cached.html.erb +2 -0
- data/test/fixtures/functional_caching/js_fragment_cached_with_partial.js.rjs +1 -0
- data/test/fixtures/good_customers/_good_customer.html.erb +1 -0
- data/test/fixtures/helpers/abc_helper.rb +5 -0
- data/test/fixtures/helpers/fun/games_helper.rb +3 -0
- data/test/fixtures/helpers/fun/pdf_helper.rb +3 -0
- data/test/fixtures/layout_tests/abs_path_layout.rhtml +1 -0
- data/test/fixtures/layout_tests/alt/hello.rhtml +1 -0
- data/test/fixtures/layout_tests/alt/layouts/alt.rhtml +0 -0
- data/test/fixtures/layout_tests/layouts/controller_name_space/nested.rhtml +1 -0
- data/test/fixtures/layout_tests/layouts/item.rhtml +1 -0
- data/test/fixtures/layout_tests/layouts/layout_test.rhtml +1 -0
- data/test/fixtures/layout_tests/layouts/multiple_extensions.html.erb +1 -0
- data/test/fixtures/layout_tests/layouts/third_party_template_library.mab +1 -0
- data/test/fixtures/layout_tests/views/hello.rhtml +1 -0
- data/test/fixtures/layouts/_column.html.erb +2 -0
- data/test/fixtures/layouts/block_with_layout.erb +3 -0
- data/test/fixtures/layouts/builder.builder +3 -0
- data/test/fixtures/layouts/default_html.html.erb +1 -0
- data/test/fixtures/layouts/partial_with_layout.erb +3 -0
- data/test/fixtures/layouts/standard.erb +1 -0
- data/test/fixtures/layouts/talk_from_action.erb +2 -0
- data/test/fixtures/layouts/xhr.html.erb +2 -0
- data/test/fixtures/layouts/yield.erb +2 -0
- data/test/fixtures/mascot.rb +3 -0
- data/test/fixtures/mascots/_mascot.html.erb +1 -0
- data/test/fixtures/mascots.yml +4 -0
- data/test/fixtures/multipart/binary_file +0 -0
- data/test/fixtures/multipart/boundary_problem_file +10 -0
- data/test/fixtures/multipart/bracketed_param +5 -0
- data/test/fixtures/multipart/empty +10 -0
- data/test/fixtures/multipart/hello.txt +1 -0
- data/test/fixtures/multipart/large_text_file +10 -0
- data/test/fixtures/multipart/mixed_files +0 -0
- data/test/fixtures/multipart/mona_lisa.jpg +0 -0
- data/test/fixtures/multipart/none +9 -0
- data/test/fixtures/multipart/single_parameter +5 -0
- data/test/fixtures/multipart/text_file +10 -0
- data/test/fixtures/override/test/hello_world.erb +1 -0
- data/test/fixtures/override2/layouts/test/sub.erb +1 -0
- data/test/fixtures/post_test/layouts/post.html.erb +1 -0
- data/test/fixtures/post_test/layouts/super_post.iphone.erb +1 -0
- data/test/fixtures/post_test/post/index.html.erb +1 -0
- data/test/fixtures/post_test/post/index.iphone.erb +1 -0
- data/test/fixtures/post_test/super_post/index.html.erb +1 -0
- data/test/fixtures/post_test/super_post/index.iphone.erb +1 -0
- data/test/fixtures/project.rb +3 -0
- data/test/fixtures/projects/_project.erb +1 -0
- data/test/fixtures/projects.yml +7 -0
- data/test/fixtures/public/404.html +1 -0
- data/test/fixtures/public/500.da.html +1 -0
- data/test/fixtures/public/500.html +1 -0
- data/test/fixtures/public/absolute/test.css +23 -0
- data/test/fixtures/public/absolute/test.js +63 -0
- data/test/fixtures/public/images/rails.png +0 -0
- data/test/fixtures/public/javascripts/application.js +1 -0
- data/test/fixtures/public/javascripts/bank.js +1 -0
- data/test/fixtures/public/javascripts/controls.js +1 -0
- data/test/fixtures/public/javascripts/dragdrop.js +1 -0
- data/test/fixtures/public/javascripts/effects.js +1 -0
- data/test/fixtures/public/javascripts/prototype.js +1 -0
- data/test/fixtures/public/javascripts/robber.js +1 -0
- data/test/fixtures/public/javascripts/subdir/subdir.js +1 -0
- data/test/fixtures/public/javascripts/version.1.0.js +1 -0
- data/test/fixtures/public/stylesheets/bank.css +1 -0
- data/test/fixtures/public/stylesheets/robber.css +1 -0
- data/test/fixtures/public/stylesheets/subdir/subdir.css +1 -0
- data/test/fixtures/public/stylesheets/version.1.0.css +1 -0
- data/test/fixtures/quiz/questions/_question.html.erb +1 -0
- data/test/fixtures/replies/_reply.erb +1 -0
- data/test/fixtures/replies.yml +15 -0
- data/test/fixtures/reply.rb +7 -0
- data/test/fixtures/respond_to/all_types_with_layout.html.erb +1 -0
- data/test/fixtures/respond_to/all_types_with_layout.js.rjs +1 -0
- data/test/fixtures/respond_to/custom_constant_handling_without_block.mobile.erb +1 -0
- data/test/fixtures/respond_to/iphone_with_html_response_type.html.erb +1 -0
- data/test/fixtures/respond_to/iphone_with_html_response_type.iphone.erb +1 -0
- data/test/fixtures/respond_to/layouts/missing.html.erb +1 -0
- data/test/fixtures/respond_to/layouts/standard.html.erb +1 -0
- data/test/fixtures/respond_to/layouts/standard.iphone.erb +1 -0
- data/test/fixtures/respond_to/using_defaults.html.erb +1 -0
- data/test/fixtures/respond_to/using_defaults.js.rjs +1 -0
- data/test/fixtures/respond_to/using_defaults.xml.builder +1 -0
- data/test/fixtures/respond_to/using_defaults_with_type_list.html.erb +1 -0
- data/test/fixtures/respond_to/using_defaults_with_type_list.js.rjs +1 -0
- data/test/fixtures/respond_to/using_defaults_with_type_list.xml.builder +1 -0
- data/test/fixtures/scope/test/modgreet.erb +1 -0
- data/test/fixtures/shared.html.erb +1 -0
- data/test/fixtures/symlink_parent/symlinked_layout.erb +5 -0
- data/test/fixtures/test/_counter.html.erb +1 -0
- data/test/fixtures/test/_customer.erb +1 -0
- data/test/fixtures/test/_customer_counter.erb +1 -0
- data/test/fixtures/test/_customer_greeting.erb +1 -0
- data/test/fixtures/test/_customer_with_var.erb +1 -0
- data/test/fixtures/test/_form.erb +1 -0
- data/test/fixtures/test/_from_helper.erb +1 -0
- data/test/fixtures/test/_hash_greeting.erb +1 -0
- data/test/fixtures/test/_hash_object.erb +2 -0
- data/test/fixtures/test/_hello.builder +1 -0
- data/test/fixtures/test/_labelling_form.erb +1 -0
- data/test/fixtures/test/_layout_for_block_with_args.html.erb +3 -0
- data/test/fixtures/test/_layout_for_partial.html.erb +3 -0
- data/test/fixtures/test/_local_inspector.html.erb +1 -0
- data/test/fixtures/test/_one.html.erb +1 -0
- data/test/fixtures/test/_partial.erb +1 -0
- data/test/fixtures/test/_partial.html.erb +1 -0
- data/test/fixtures/test/_partial.js.erb +1 -0
- data/test/fixtures/test/_partial_for_use_in_layout.html.erb +1 -0
- data/test/fixtures/test/_partial_only.erb +1 -0
- data/test/fixtures/test/_partial_with_only_html_version.html.erb +1 -0
- data/test/fixtures/test/_person.erb +2 -0
- data/test/fixtures/test/_raise.html.erb +1 -0
- data/test/fixtures/test/_two.html.erb +1 -0
- data/test/fixtures/test/action_talk_to_layout.erb +2 -0
- data/test/fixtures/test/calling_partial_with_layout.html.erb +1 -0
- data/test/fixtures/test/capturing.erb +4 -0
- data/test/fixtures/test/content_for.erb +2 -0
- data/test/fixtures/test/content_for_concatenated.erb +3 -0
- data/test/fixtures/test/content_for_with_parameter.erb +2 -0
- data/test/fixtures/test/delete_with_js.rjs +2 -0
- data/test/fixtures/test/dont_pick_me +1 -0
- data/test/fixtures/test/dot.directory/render_file_with_ivar.erb +1 -0
- data/test/fixtures/test/enum_rjs_test.rjs +6 -0
- data/test/fixtures/test/formatted_html_erb.html.erb +1 -0
- data/test/fixtures/test/formatted_xml_erb.builder +1 -0
- data/test/fixtures/test/formatted_xml_erb.html.erb +1 -0
- data/test/fixtures/test/formatted_xml_erb.xml.erb +1 -0
- data/test/fixtures/test/greeting.erb +1 -0
- data/test/fixtures/test/greeting.js.rjs +1 -0
- data/test/fixtures/test/hello.builder +4 -0
- data/test/fixtures/test/hello_world.da.html.erb +1 -0
- data/test/fixtures/test/hello_world.erb +1 -0
- data/test/fixtures/test/hello_world.erb~ +1 -0
- data/test/fixtures/test/hello_world.pt-BR.html.erb +1 -0
- data/test/fixtures/test/hello_world_container.builder +3 -0
- data/test/fixtures/test/hello_world_from_rxml.builder +4 -0
- data/test/fixtures/test/hello_world_with_layout_false.erb +1 -0
- data/test/fixtures/test/hello_xml_world.builder +11 -0
- data/test/fixtures/test/hyphen-ated.erb +1 -0
- data/test/fixtures/test/implicit_content_type.atom.builder +2 -0
- data/test/fixtures/test/list.erb +1 -0
- data/test/fixtures/test/malformed/malformed.en.html.erb~ +1 -0
- data/test/fixtures/test/malformed/malformed.erb~ +1 -0
- data/test/fixtures/test/malformed/malformed.html.erb~ +1 -0
- data/test/fixtures/test/nested_layout.erb +3 -0
- data/test/fixtures/test/non_erb_block_content_for.builder +4 -0
- data/test/fixtures/test/potential_conflicts.erb +4 -0
- data/test/fixtures/test/render_explicit_html_template.js.rjs +1 -0
- data/test/fixtures/test/render_file_from_template.html.erb +1 -0
- data/test/fixtures/test/render_file_with_ivar.erb +1 -0
- data/test/fixtures/test/render_file_with_locals.erb +1 -0
- data/test/fixtures/test/render_implicit_html_template.js.rjs +1 -0
- data/test/fixtures/test/render_implicit_html_template_from_xhr_request.da.html.erb +1 -0
- data/test/fixtures/test/render_implicit_html_template_from_xhr_request.html.erb +1 -0
- data/test/fixtures/test/render_implicit_js_template_without_layout.js.erb +1 -0
- data/test/fixtures/test/render_to_string_test.erb +1 -0
- data/test/fixtures/test/sub_template_raise.html.erb +1 -0
- data/test/fixtures/test/template.erb +1 -0
- data/test/fixtures/test/update_element_with_capture.erb +9 -0
- data/test/fixtures/test/using_layout_around_block.html.erb +1 -0
- data/test/fixtures/test/using_layout_around_block_with_args.html.erb +1 -0
- data/test/fixtures/test/utf8.html.erb +2 -0
- data/test/fixtures/topic.rb +3 -0
- data/test/fixtures/topics/_topic.html.erb +1 -0
- data/test/fixtures/topics.yml +22 -0
- data/test/template/active_record_helper_i18n_test.rb +44 -0
- data/test/template/active_record_helper_test.rb +302 -0
- data/test/template/asset_tag_helper_test.rb +771 -0
- data/test/template/atom_feed_helper_test.rb +315 -0
- data/test/template/benchmark_helper_test.rb +86 -0
- data/test/template/compiled_templates_test.rb +204 -0
- data/test/template/date_helper_i18n_test.rb +121 -0
- data/test/template/date_helper_test.rb +2485 -0
- data/test/template/erb_util_test.rb +24 -0
- data/test/template/form_helper_test.rb +1393 -0
- data/test/template/form_options_helper_i18n_test.rb +27 -0
- data/test/template/form_options_helper_test.rb +807 -0
- data/test/template/form_tag_helper_test.rb +344 -0
- data/test/template/javascript_helper_test.rb +106 -0
- data/test/template/number_helper_i18n_test.rb +69 -0
- data/test/template/number_helper_test.rb +132 -0
- data/test/template/prototype_helper_test.rb +639 -0
- data/test/template/raw_output_helper_test.rb +21 -0
- data/test/template/record_tag_helper_test.rb +58 -0
- data/test/template/render_test.rb +290 -0
- data/test/template/sanitize_helper_test.rb +57 -0
- data/test/template/scriptaculous_helper_test.rb +90 -0
- data/test/template/tag_helper_test.rb +98 -0
- data/test/template/template_test.rb +32 -0
- data/test/template/test_test.rb +54 -0
- data/test/template/text_helper_test.rb +543 -0
- data/test/template/translation_helper_test.rb +32 -0
- data/test/template/url_helper_test.rb +622 -0
- data/test/testing_sandbox.rb +15 -0
- data/test/view/safe_buffer_test.rb +36 -0
- data/test/view/test_case_test.rb +176 -0
- metadata +531 -0
@@ -0,0 +1,537 @@
|
|
1
|
+
require 'strscan'
|
2
|
+
|
3
|
+
module HTML #:nodoc:
|
4
|
+
|
5
|
+
class Conditions < Hash #:nodoc:
|
6
|
+
def initialize(hash)
|
7
|
+
super()
|
8
|
+
hash = { :content => hash } unless Hash === hash
|
9
|
+
hash = keys_to_symbols(hash)
|
10
|
+
hash.each do |k,v|
|
11
|
+
case k
|
12
|
+
when :tag, :content then
|
13
|
+
# keys are valid, and require no further processing
|
14
|
+
when :attributes then
|
15
|
+
hash[k] = keys_to_strings(v)
|
16
|
+
when :parent, :child, :ancestor, :descendant, :sibling, :before,
|
17
|
+
:after
|
18
|
+
hash[k] = Conditions.new(v)
|
19
|
+
when :children
|
20
|
+
hash[k] = v = keys_to_symbols(v)
|
21
|
+
v.each do |k,v2|
|
22
|
+
case k
|
23
|
+
when :count, :greater_than, :less_than
|
24
|
+
# keys are valid, and require no further processing
|
25
|
+
when :only
|
26
|
+
v[k] = Conditions.new(v2)
|
27
|
+
else
|
28
|
+
raise "illegal key #{k.inspect} => #{v2.inspect}"
|
29
|
+
end
|
30
|
+
end
|
31
|
+
else
|
32
|
+
raise "illegal key #{k.inspect} => #{v.inspect}"
|
33
|
+
end
|
34
|
+
end
|
35
|
+
update hash
|
36
|
+
end
|
37
|
+
|
38
|
+
private
|
39
|
+
|
40
|
+
def keys_to_strings(hash)
|
41
|
+
hash.keys.inject({}) do |h,k|
|
42
|
+
h[k.to_s] = hash[k]
|
43
|
+
h
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
def keys_to_symbols(hash)
|
48
|
+
hash.keys.inject({}) do |h,k|
|
49
|
+
raise "illegal key #{k.inspect}" unless k.respond_to?(:to_sym)
|
50
|
+
h[k.to_sym] = hash[k]
|
51
|
+
h
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
# The base class of all nodes, textual and otherwise, in an HTML document.
|
57
|
+
class Node #:nodoc:
|
58
|
+
# The array of children of this node. Not all nodes have children.
|
59
|
+
attr_reader :children
|
60
|
+
|
61
|
+
# The parent node of this node. All nodes have a parent, except for the
|
62
|
+
# root node.
|
63
|
+
attr_reader :parent
|
64
|
+
|
65
|
+
# The line number of the input where this node was begun
|
66
|
+
attr_reader :line
|
67
|
+
|
68
|
+
# The byte position in the input where this node was begun
|
69
|
+
attr_reader :position
|
70
|
+
|
71
|
+
# Create a new node as a child of the given parent.
|
72
|
+
def initialize(parent, line=0, pos=0)
|
73
|
+
@parent = parent
|
74
|
+
@children = []
|
75
|
+
@line, @position = line, pos
|
76
|
+
end
|
77
|
+
|
78
|
+
# Return a textual representation of the node.
|
79
|
+
def to_s
|
80
|
+
s = ""
|
81
|
+
@children.each { |child| s << child.to_s }
|
82
|
+
s
|
83
|
+
end
|
84
|
+
|
85
|
+
# Return false (subclasses must override this to provide specific matching
|
86
|
+
# behavior.) +conditions+ may be of any type.
|
87
|
+
def match(conditions)
|
88
|
+
false
|
89
|
+
end
|
90
|
+
|
91
|
+
# Search the children of this node for the first node for which #find
|
92
|
+
# returns non +nil+. Returns the result of the #find call that succeeded.
|
93
|
+
def find(conditions)
|
94
|
+
conditions = validate_conditions(conditions)
|
95
|
+
@children.each do |child|
|
96
|
+
node = child.find(conditions)
|
97
|
+
return node if node
|
98
|
+
end
|
99
|
+
nil
|
100
|
+
end
|
101
|
+
|
102
|
+
# Search for all nodes that match the given conditions, and return them
|
103
|
+
# as an array.
|
104
|
+
def find_all(conditions)
|
105
|
+
conditions = validate_conditions(conditions)
|
106
|
+
|
107
|
+
matches = []
|
108
|
+
matches << self if match(conditions)
|
109
|
+
@children.each do |child|
|
110
|
+
matches.concat child.find_all(conditions)
|
111
|
+
end
|
112
|
+
matches
|
113
|
+
end
|
114
|
+
|
115
|
+
# Returns +false+. Subclasses may override this if they define a kind of
|
116
|
+
# tag.
|
117
|
+
def tag?
|
118
|
+
false
|
119
|
+
end
|
120
|
+
|
121
|
+
def validate_conditions(conditions)
|
122
|
+
Conditions === conditions ? conditions : Conditions.new(conditions)
|
123
|
+
end
|
124
|
+
|
125
|
+
def ==(node)
|
126
|
+
return false unless self.class == node.class && children.size == node.children.size
|
127
|
+
|
128
|
+
equivalent = true
|
129
|
+
|
130
|
+
children.size.times do |i|
|
131
|
+
equivalent &&= children[i] == node.children[i]
|
132
|
+
end
|
133
|
+
|
134
|
+
equivalent
|
135
|
+
end
|
136
|
+
|
137
|
+
class <<self
|
138
|
+
def parse(parent, line, pos, content, strict=true)
|
139
|
+
if content !~ /^<\S/
|
140
|
+
Text.new(parent, line, pos, content)
|
141
|
+
else
|
142
|
+
scanner = StringScanner.new(content)
|
143
|
+
|
144
|
+
unless scanner.skip(/</)
|
145
|
+
if strict
|
146
|
+
raise "expected <"
|
147
|
+
else
|
148
|
+
return Text.new(parent, line, pos, content)
|
149
|
+
end
|
150
|
+
end
|
151
|
+
|
152
|
+
if scanner.skip(/!\[CDATA\[/)
|
153
|
+
unless scanner.skip_until(/\]\]>/)
|
154
|
+
if strict
|
155
|
+
raise "expected ]]> (got #{scanner.rest.inspect} for #{content})"
|
156
|
+
else
|
157
|
+
scanner.skip_until(/\Z/)
|
158
|
+
end
|
159
|
+
end
|
160
|
+
|
161
|
+
return CDATA.new(parent, line, pos, scanner.pre_match.gsub(/<!\[CDATA\[/, ''))
|
162
|
+
end
|
163
|
+
|
164
|
+
closing = ( scanner.scan(/\//) ? :close : nil )
|
165
|
+
return Text.new(parent, line, pos, content) unless name = scanner.scan(/[-:\w\x00-\x09\x0b-\x0c\x0e-\x1f]+/)
|
166
|
+
name.downcase!
|
167
|
+
|
168
|
+
unless closing
|
169
|
+
scanner.skip(/\s*/)
|
170
|
+
attributes = {}
|
171
|
+
while attr = scanner.scan(/[-\w:]+/)
|
172
|
+
value = true
|
173
|
+
if scanner.scan(/\s*=\s*/)
|
174
|
+
if delim = scanner.scan(/['"]/)
|
175
|
+
value = ""
|
176
|
+
while text = scanner.scan(/[^#{delim}\\]+|./)
|
177
|
+
case text
|
178
|
+
when "\\" then
|
179
|
+
value << text
|
180
|
+
value << scanner.getch
|
181
|
+
when delim
|
182
|
+
break
|
183
|
+
else value << text
|
184
|
+
end
|
185
|
+
end
|
186
|
+
else
|
187
|
+
value = scanner.scan(/[^\s>\/]+/)
|
188
|
+
end
|
189
|
+
end
|
190
|
+
attributes[attr.downcase] = value
|
191
|
+
scanner.skip(/\s*/)
|
192
|
+
end
|
193
|
+
|
194
|
+
closing = ( scanner.scan(/\//) ? :self : nil )
|
195
|
+
end
|
196
|
+
|
197
|
+
unless scanner.scan(/\s*>/)
|
198
|
+
if strict
|
199
|
+
raise "expected > (got #{scanner.rest.inspect} for #{content}, #{attributes.inspect})"
|
200
|
+
else
|
201
|
+
# throw away all text until we find what we're looking for
|
202
|
+
scanner.skip_until(/>/) or scanner.terminate
|
203
|
+
end
|
204
|
+
end
|
205
|
+
|
206
|
+
Tag.new(parent, line, pos, name, attributes, closing)
|
207
|
+
end
|
208
|
+
end
|
209
|
+
end
|
210
|
+
end
|
211
|
+
|
212
|
+
# A node that represents text, rather than markup.
|
213
|
+
class Text < Node #:nodoc:
|
214
|
+
|
215
|
+
attr_reader :content
|
216
|
+
|
217
|
+
# Creates a new text node as a child of the given parent, with the given
|
218
|
+
# content.
|
219
|
+
def initialize(parent, line, pos, content)
|
220
|
+
super(parent, line, pos)
|
221
|
+
@content = content
|
222
|
+
end
|
223
|
+
|
224
|
+
# Returns the content of this node.
|
225
|
+
def to_s
|
226
|
+
@content
|
227
|
+
end
|
228
|
+
|
229
|
+
# Returns +self+ if this node meets the given conditions. Text nodes support
|
230
|
+
# conditions of the following kinds:
|
231
|
+
#
|
232
|
+
# * if +conditions+ is a string, it must be a substring of the node's
|
233
|
+
# content
|
234
|
+
# * if +conditions+ is a regular expression, it must match the node's
|
235
|
+
# content
|
236
|
+
# * if +conditions+ is a hash, it must contain a <tt>:content</tt> key that
|
237
|
+
# is either a string or a regexp, and which is interpreted as described
|
238
|
+
# above.
|
239
|
+
def find(conditions)
|
240
|
+
match(conditions) && self
|
241
|
+
end
|
242
|
+
|
243
|
+
# Returns non-+nil+ if this node meets the given conditions, or +nil+
|
244
|
+
# otherwise. See the discussion of #find for the valid conditions.
|
245
|
+
def match(conditions)
|
246
|
+
case conditions
|
247
|
+
when String
|
248
|
+
@content == conditions
|
249
|
+
when Regexp
|
250
|
+
@content =~ conditions
|
251
|
+
when Hash
|
252
|
+
conditions = validate_conditions(conditions)
|
253
|
+
|
254
|
+
# Text nodes only have :content, :parent, :ancestor
|
255
|
+
unless (conditions.keys - [:content, :parent, :ancestor]).empty?
|
256
|
+
return false
|
257
|
+
end
|
258
|
+
|
259
|
+
match(conditions[:content])
|
260
|
+
else
|
261
|
+
nil
|
262
|
+
end
|
263
|
+
end
|
264
|
+
|
265
|
+
def ==(node)
|
266
|
+
return false unless super
|
267
|
+
content == node.content
|
268
|
+
end
|
269
|
+
end
|
270
|
+
|
271
|
+
# A CDATA node is simply a text node with a specialized way of displaying
|
272
|
+
# itself.
|
273
|
+
class CDATA < Text #:nodoc:
|
274
|
+
def to_s
|
275
|
+
"<![CDATA[#{super}]]>"
|
276
|
+
end
|
277
|
+
end
|
278
|
+
|
279
|
+
# A Tag is any node that represents markup. It may be an opening tag, a
|
280
|
+
# closing tag, or a self-closing tag. It has a name, and may have a hash of
|
281
|
+
# attributes.
|
282
|
+
class Tag < Node #:nodoc:
|
283
|
+
|
284
|
+
# Either +nil+, <tt>:close</tt>, or <tt>:self</tt>
|
285
|
+
attr_reader :closing
|
286
|
+
|
287
|
+
# Either +nil+, or a hash of attributes for this node.
|
288
|
+
attr_reader :attributes
|
289
|
+
|
290
|
+
# The name of this tag.
|
291
|
+
attr_reader :name
|
292
|
+
|
293
|
+
# Create a new node as a child of the given parent, using the given content
|
294
|
+
# to describe the node. It will be parsed and the node name, attributes and
|
295
|
+
# closing status extracted.
|
296
|
+
def initialize(parent, line, pos, name, attributes, closing)
|
297
|
+
super(parent, line, pos)
|
298
|
+
@name = name
|
299
|
+
@attributes = attributes
|
300
|
+
@closing = closing
|
301
|
+
end
|
302
|
+
|
303
|
+
# A convenience for obtaining an attribute of the node. Returns +nil+ if
|
304
|
+
# the node has no attributes.
|
305
|
+
def [](attr)
|
306
|
+
@attributes ? @attributes[attr] : nil
|
307
|
+
end
|
308
|
+
|
309
|
+
# Returns non-+nil+ if this tag can contain child nodes.
|
310
|
+
def childless?(xml = false)
|
311
|
+
return false if xml && @closing.nil?
|
312
|
+
!@closing.nil? ||
|
313
|
+
@name =~ /^(img|br|hr|link|meta|area|base|basefont|
|
314
|
+
col|frame|input|isindex|param)$/ox
|
315
|
+
end
|
316
|
+
|
317
|
+
# Returns a textual representation of the node
|
318
|
+
def to_s
|
319
|
+
if @closing == :close
|
320
|
+
"</#{@name}>"
|
321
|
+
else
|
322
|
+
s = "<#{@name}"
|
323
|
+
@attributes.each do |k,v|
|
324
|
+
s << " #{k}"
|
325
|
+
s << "=\"#{v}\"" if String === v
|
326
|
+
end
|
327
|
+
s << " /" if @closing == :self
|
328
|
+
s << ">"
|
329
|
+
@children.each { |child| s << child.to_s }
|
330
|
+
s << "</#{@name}>" if @closing != :self && !@children.empty?
|
331
|
+
s
|
332
|
+
end
|
333
|
+
end
|
334
|
+
|
335
|
+
# If either the node or any of its children meet the given conditions, the
|
336
|
+
# matching node is returned. Otherwise, +nil+ is returned. (See the
|
337
|
+
# description of the valid conditions in the +match+ method.)
|
338
|
+
def find(conditions)
|
339
|
+
match(conditions) && self || super
|
340
|
+
end
|
341
|
+
|
342
|
+
# Returns +true+, indicating that this node represents an HTML tag.
|
343
|
+
def tag?
|
344
|
+
true
|
345
|
+
end
|
346
|
+
|
347
|
+
# Returns +true+ if the node meets any of the given conditions. The
|
348
|
+
# +conditions+ parameter must be a hash of any of the following keys
|
349
|
+
# (all are optional):
|
350
|
+
#
|
351
|
+
# * <tt>:tag</tt>: the node name must match the corresponding value
|
352
|
+
# * <tt>:attributes</tt>: a hash. The node's values must match the
|
353
|
+
# corresponding values in the hash.
|
354
|
+
# * <tt>:parent</tt>: a hash. The node's parent must match the
|
355
|
+
# corresponding hash.
|
356
|
+
# * <tt>:child</tt>: a hash. At least one of the node's immediate children
|
357
|
+
# must meet the criteria described by the hash.
|
358
|
+
# * <tt>:ancestor</tt>: a hash. At least one of the node's ancestors must
|
359
|
+
# meet the criteria described by the hash.
|
360
|
+
# * <tt>:descendant</tt>: a hash. At least one of the node's descendants
|
361
|
+
# must meet the criteria described by the hash.
|
362
|
+
# * <tt>:sibling</tt>: a hash. At least one of the node's siblings must
|
363
|
+
# meet the criteria described by the hash.
|
364
|
+
# * <tt>:after</tt>: a hash. The node must be after any sibling meeting
|
365
|
+
# the criteria described by the hash, and at least one sibling must match.
|
366
|
+
# * <tt>:before</tt>: a hash. The node must be before any sibling meeting
|
367
|
+
# the criteria described by the hash, and at least one sibling must match.
|
368
|
+
# * <tt>:children</tt>: a hash, for counting children of a node. Accepts the
|
369
|
+
# keys:
|
370
|
+
# ** <tt>:count</tt>: either a number or a range which must equal (or
|
371
|
+
# include) the number of children that match.
|
372
|
+
# ** <tt>:less_than</tt>: the number of matching children must be less than
|
373
|
+
# this number.
|
374
|
+
# ** <tt>:greater_than</tt>: the number of matching children must be
|
375
|
+
# greater than this number.
|
376
|
+
# ** <tt>:only</tt>: another hash consisting of the keys to use
|
377
|
+
# to match on the children, and only matching children will be
|
378
|
+
# counted.
|
379
|
+
#
|
380
|
+
# Conditions are matched using the following algorithm:
|
381
|
+
#
|
382
|
+
# * if the condition is a string, it must be a substring of the value.
|
383
|
+
# * if the condition is a regexp, it must match the value.
|
384
|
+
# * if the condition is a number, the value must match number.to_s.
|
385
|
+
# * if the condition is +true+, the value must not be +nil+.
|
386
|
+
# * if the condition is +false+ or +nil+, the value must be +nil+.
|
387
|
+
#
|
388
|
+
# Usage:
|
389
|
+
#
|
390
|
+
# # test if the node is a "span" tag
|
391
|
+
# node.match :tag => "span"
|
392
|
+
#
|
393
|
+
# # test if the node's parent is a "div"
|
394
|
+
# node.match :parent => { :tag => "div" }
|
395
|
+
#
|
396
|
+
# # test if any of the node's ancestors are "table" tags
|
397
|
+
# node.match :ancestor => { :tag => "table" }
|
398
|
+
#
|
399
|
+
# # test if any of the node's immediate children are "em" tags
|
400
|
+
# node.match :child => { :tag => "em" }
|
401
|
+
#
|
402
|
+
# # test if any of the node's descendants are "strong" tags
|
403
|
+
# node.match :descendant => { :tag => "strong" }
|
404
|
+
#
|
405
|
+
# # test if the node has between 2 and 4 span tags as immediate children
|
406
|
+
# node.match :children => { :count => 2..4, :only => { :tag => "span" } }
|
407
|
+
#
|
408
|
+
# # get funky: test to see if the node is a "div", has a "ul" ancestor
|
409
|
+
# # and an "li" parent (with "class" = "enum"), and whether or not it has
|
410
|
+
# # a "span" descendant that contains # text matching /hello world/:
|
411
|
+
# node.match :tag => "div",
|
412
|
+
# :ancestor => { :tag => "ul" },
|
413
|
+
# :parent => { :tag => "li",
|
414
|
+
# :attributes => { :class => "enum" } },
|
415
|
+
# :descendant => { :tag => "span",
|
416
|
+
# :child => /hello world/ }
|
417
|
+
def match(conditions)
|
418
|
+
conditions = validate_conditions(conditions)
|
419
|
+
# check content of child nodes
|
420
|
+
if conditions[:content]
|
421
|
+
if children.empty?
|
422
|
+
return false unless match_condition("", conditions[:content])
|
423
|
+
else
|
424
|
+
return false unless children.find { |child| child.match(conditions[:content]) }
|
425
|
+
end
|
426
|
+
end
|
427
|
+
|
428
|
+
# test the name
|
429
|
+
return false unless match_condition(@name, conditions[:tag]) if conditions[:tag]
|
430
|
+
|
431
|
+
# test attributes
|
432
|
+
(conditions[:attributes] || {}).each do |key, value|
|
433
|
+
return false unless match_condition(self[key], value)
|
434
|
+
end
|
435
|
+
|
436
|
+
# test parent
|
437
|
+
return false unless parent.match(conditions[:parent]) if conditions[:parent]
|
438
|
+
|
439
|
+
# test children
|
440
|
+
return false unless children.find { |child| child.match(conditions[:child]) } if conditions[:child]
|
441
|
+
|
442
|
+
# test ancestors
|
443
|
+
if conditions[:ancestor]
|
444
|
+
return false unless catch :found do
|
445
|
+
p = self
|
446
|
+
throw :found, true if p.match(conditions[:ancestor]) while p = p.parent
|
447
|
+
end
|
448
|
+
end
|
449
|
+
|
450
|
+
# test descendants
|
451
|
+
if conditions[:descendant]
|
452
|
+
return false unless children.find do |child|
|
453
|
+
# test the child
|
454
|
+
child.match(conditions[:descendant]) ||
|
455
|
+
# test the child's descendants
|
456
|
+
child.match(:descendant => conditions[:descendant])
|
457
|
+
end
|
458
|
+
end
|
459
|
+
|
460
|
+
# count children
|
461
|
+
if opts = conditions[:children]
|
462
|
+
matches = children.select do |c|
|
463
|
+
(c.kind_of?(HTML::Tag) and (c.closing == :self or ! c.childless?))
|
464
|
+
end
|
465
|
+
|
466
|
+
matches = matches.select { |c| c.match(opts[:only]) } if opts[:only]
|
467
|
+
opts.each do |key, value|
|
468
|
+
next if key == :only
|
469
|
+
case key
|
470
|
+
when :count
|
471
|
+
if Integer === value
|
472
|
+
return false if matches.length != value
|
473
|
+
else
|
474
|
+
return false unless value.include?(matches.length)
|
475
|
+
end
|
476
|
+
when :less_than
|
477
|
+
return false unless matches.length < value
|
478
|
+
when :greater_than
|
479
|
+
return false unless matches.length > value
|
480
|
+
else raise "unknown count condition #{key}"
|
481
|
+
end
|
482
|
+
end
|
483
|
+
end
|
484
|
+
|
485
|
+
# test siblings
|
486
|
+
if conditions[:sibling] || conditions[:before] || conditions[:after]
|
487
|
+
siblings = parent ? parent.children : []
|
488
|
+
self_index = siblings.index(self)
|
489
|
+
|
490
|
+
if conditions[:sibling]
|
491
|
+
return false unless siblings.detect do |s|
|
492
|
+
s != self && s.match(conditions[:sibling])
|
493
|
+
end
|
494
|
+
end
|
495
|
+
|
496
|
+
if conditions[:before]
|
497
|
+
return false unless siblings[self_index+1..-1].detect do |s|
|
498
|
+
s != self && s.match(conditions[:before])
|
499
|
+
end
|
500
|
+
end
|
501
|
+
|
502
|
+
if conditions[:after]
|
503
|
+
return false unless siblings[0,self_index].detect do |s|
|
504
|
+
s != self && s.match(conditions[:after])
|
505
|
+
end
|
506
|
+
end
|
507
|
+
end
|
508
|
+
|
509
|
+
true
|
510
|
+
end
|
511
|
+
|
512
|
+
def ==(node)
|
513
|
+
return false unless super
|
514
|
+
return false unless closing == node.closing && self.name == node.name
|
515
|
+
attributes == node.attributes
|
516
|
+
end
|
517
|
+
|
518
|
+
private
|
519
|
+
# Match the given value to the given condition.
|
520
|
+
def match_condition(value, condition)
|
521
|
+
case condition
|
522
|
+
when String
|
523
|
+
value && value == condition
|
524
|
+
when Regexp
|
525
|
+
value && value.match(condition)
|
526
|
+
when Numeric
|
527
|
+
value == condition.to_s
|
528
|
+
when true
|
529
|
+
!value.nil?
|
530
|
+
when false, nil
|
531
|
+
value.nil?
|
532
|
+
else
|
533
|
+
false
|
534
|
+
end
|
535
|
+
end
|
536
|
+
end
|
537
|
+
end
|
@@ -0,0 +1,173 @@
|
|
1
|
+
module HTML
|
2
|
+
class Sanitizer
|
3
|
+
def sanitize(text, options = {})
|
4
|
+
return text unless sanitizeable?(text)
|
5
|
+
tokenize(text, options).join
|
6
|
+
end
|
7
|
+
|
8
|
+
def sanitizeable?(text)
|
9
|
+
!(text.nil? || text.empty? || !text.index("<"))
|
10
|
+
end
|
11
|
+
|
12
|
+
protected
|
13
|
+
def tokenize(text, options)
|
14
|
+
tokenizer = HTML::Tokenizer.new(text)
|
15
|
+
result = []
|
16
|
+
while token = tokenizer.next
|
17
|
+
node = Node.parse(nil, 0, 0, token, false)
|
18
|
+
process_node node, result, options
|
19
|
+
end
|
20
|
+
result
|
21
|
+
end
|
22
|
+
|
23
|
+
def process_node(node, result, options)
|
24
|
+
result << node.to_s
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
class FullSanitizer < Sanitizer
|
29
|
+
def sanitize(text, options = {})
|
30
|
+
result = super
|
31
|
+
# strip any comments, and if they have a newline at the end (ie. line with
|
32
|
+
# only a comment) strip that too
|
33
|
+
result.gsub!(/<!--(.*?)-->[\n]?/m, "") if result
|
34
|
+
# Recurse - handle all dirty nested tags
|
35
|
+
result == text ? result : sanitize(result, options)
|
36
|
+
end
|
37
|
+
|
38
|
+
def process_node(node, result, options)
|
39
|
+
result << node.to_s if node.class == HTML::Text
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
class LinkSanitizer < FullSanitizer
|
44
|
+
cattr_accessor :included_tags, :instance_writer => false
|
45
|
+
self.included_tags = Set.new(%w(a href))
|
46
|
+
|
47
|
+
def sanitizeable?(text)
|
48
|
+
!(text.nil? || text.empty? || !((text.index("<a") || text.index("<href")) && text.index(">")))
|
49
|
+
end
|
50
|
+
|
51
|
+
protected
|
52
|
+
def process_node(node, result, options)
|
53
|
+
result << node.to_s unless node.is_a?(HTML::Tag) && included_tags.include?(node.name)
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
class WhiteListSanitizer < Sanitizer
|
58
|
+
[:protocol_separator, :uri_attributes, :allowed_attributes, :allowed_tags, :allowed_protocols, :bad_tags,
|
59
|
+
:allowed_css_properties, :allowed_css_keywords, :shorthand_css_properties].each do |attr|
|
60
|
+
class_inheritable_accessor attr, :instance_writer => false
|
61
|
+
end
|
62
|
+
|
63
|
+
# A regular expression of the valid characters used to separate protocols like
|
64
|
+
# the ':' in 'http://foo.com'
|
65
|
+
self.protocol_separator = /:|(�*58)|(p)|(%|%)3A/
|
66
|
+
|
67
|
+
# Specifies a Set of HTML attributes that can have URIs.
|
68
|
+
self.uri_attributes = Set.new(%w(href src cite action longdesc xlink:href lowsrc))
|
69
|
+
|
70
|
+
# Specifies a Set of 'bad' tags that the #sanitize helper will remove completely, as opposed
|
71
|
+
# to just escaping harmless tags like <font>
|
72
|
+
self.bad_tags = Set.new(%w(script))
|
73
|
+
|
74
|
+
# Specifies the default Set of tags that the #sanitize helper will allow unscathed.
|
75
|
+
self.allowed_tags = Set.new(%w(strong em b i p code pre tt samp kbd var sub
|
76
|
+
sup dfn cite big small address hr br div span h1 h2 h3 h4 h5 h6 ul ol li dt dd abbr
|
77
|
+
acronym a img blockquote del ins))
|
78
|
+
|
79
|
+
# Specifies the default Set of html attributes that the #sanitize helper will leave
|
80
|
+
# in the allowed tag.
|
81
|
+
self.allowed_attributes = Set.new(%w(href src width height alt cite datetime title class name xml:lang abbr))
|
82
|
+
|
83
|
+
# Specifies the default Set of acceptable css properties that #sanitize and #sanitize_css will accept.
|
84
|
+
self.allowed_protocols = Set.new(%w(ed2k ftp http https irc mailto news gopher nntp telnet webcal xmpp callto
|
85
|
+
feed svn urn aim rsync tag ssh sftp rtsp afs))
|
86
|
+
|
87
|
+
# Specifies the default Set of acceptable css keywords that #sanitize and #sanitize_css will accept.
|
88
|
+
self.allowed_css_properties = Set.new(%w(azimuth background-color border-bottom-color border-collapse
|
89
|
+
border-color border-left-color border-right-color border-top-color clear color cursor direction display
|
90
|
+
elevation float font font-family font-size font-style font-variant font-weight height letter-spacing line-height
|
91
|
+
overflow pause pause-after pause-before pitch pitch-range richness speak speak-header speak-numeral speak-punctuation
|
92
|
+
speech-rate stress text-align text-decoration text-indent unicode-bidi vertical-align voice-family volume white-space
|
93
|
+
width))
|
94
|
+
|
95
|
+
# Specifies the default Set of acceptable css keywords that #sanitize and #sanitize_css will accept.
|
96
|
+
self.allowed_css_keywords = Set.new(%w(auto aqua black block blue bold both bottom brown center
|
97
|
+
collapse dashed dotted fuchsia gray green !important italic left lime maroon medium none navy normal
|
98
|
+
nowrap olive pointer purple red right solid silver teal top transparent underline white yellow))
|
99
|
+
|
100
|
+
# Specifies the default Set of allowed shorthand css properties for the #sanitize and #sanitize_css helpers.
|
101
|
+
self.shorthand_css_properties = Set.new(%w(background border margin padding))
|
102
|
+
|
103
|
+
# Sanitizes a block of css code. Used by #sanitize when it comes across a style attribute
|
104
|
+
def sanitize_css(style)
|
105
|
+
# disallow urls
|
106
|
+
style = style.to_s.gsub(/url\s*\(\s*[^\s)]+?\s*\)\s*/, ' ')
|
107
|
+
|
108
|
+
# gauntlet
|
109
|
+
if style !~ /^([:,;#%.\sa-zA-Z0-9!]|\w-\w|\'[\s\w]+\'|\"[\s\w]+\"|\([\d,\s]+\))*$/ ||
|
110
|
+
style !~ /^(\s*[-\w]+\s*:\s*[^:;]*(;|$)\s*)*$/
|
111
|
+
return ''
|
112
|
+
end
|
113
|
+
|
114
|
+
clean = []
|
115
|
+
style.scan(/([-\w]+)\s*:\s*([^:;]*)/) do |prop,val|
|
116
|
+
if allowed_css_properties.include?(prop.downcase)
|
117
|
+
clean << prop + ': ' + val + ';'
|
118
|
+
elsif shorthand_css_properties.include?(prop.split('-')[0].downcase)
|
119
|
+
unless val.split().any? do |keyword|
|
120
|
+
!allowed_css_keywords.include?(keyword) &&
|
121
|
+
keyword !~ /^(#[0-9a-f]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|\d{0,2}\.?\d{0,2}(cm|em|ex|in|mm|pc|pt|px|%|,|\))?)$/
|
122
|
+
end
|
123
|
+
clean << prop + ': ' + val + ';'
|
124
|
+
end
|
125
|
+
end
|
126
|
+
end
|
127
|
+
clean.join(' ')
|
128
|
+
end
|
129
|
+
|
130
|
+
protected
|
131
|
+
def tokenize(text, options)
|
132
|
+
options[:parent] = []
|
133
|
+
options[:attributes] ||= allowed_attributes
|
134
|
+
options[:tags] ||= allowed_tags
|
135
|
+
super
|
136
|
+
end
|
137
|
+
|
138
|
+
def process_node(node, result, options)
|
139
|
+
result << case node
|
140
|
+
when HTML::Tag
|
141
|
+
if node.closing == :close
|
142
|
+
options[:parent].shift
|
143
|
+
else
|
144
|
+
options[:parent].unshift node.name
|
145
|
+
end
|
146
|
+
|
147
|
+
process_attributes_for node, options
|
148
|
+
|
149
|
+
options[:tags].include?(node.name) ? node : nil
|
150
|
+
else
|
151
|
+
bad_tags.include?(options[:parent].first) ? nil : node.to_s.gsub(/</, "<")
|
152
|
+
end
|
153
|
+
end
|
154
|
+
|
155
|
+
def process_attributes_for(node, options)
|
156
|
+
return unless node.attributes
|
157
|
+
node.attributes.keys.each do |attr_name|
|
158
|
+
value = node.attributes[attr_name].to_s
|
159
|
+
|
160
|
+
if !options[:attributes].include?(attr_name) || contains_bad_protocols?(attr_name, value)
|
161
|
+
node.attributes.delete(attr_name)
|
162
|
+
else
|
163
|
+
node.attributes[attr_name] = attr_name == 'style' ? sanitize_css(value) : CGI::escapeHTML(CGI::unescapeHTML(value))
|
164
|
+
end
|
165
|
+
end
|
166
|
+
end
|
167
|
+
|
168
|
+
def contains_bad_protocols?(attr_name, value)
|
169
|
+
uri_attributes.include?(attr_name) &&
|
170
|
+
(value =~ /(^[^\/:]*):|(�*58)|(p)|(%|%)3A/ && !allowed_protocols.include?(value.split(protocol_separator).first))
|
171
|
+
end
|
172
|
+
end
|
173
|
+
end
|