actionview 4.1.13 → 6.1.3.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of actionview might be problematic. Click here for more details.
- checksums.yaml +5 -5
- data/CHANGELOG.md +181 -359
- data/MIT-LICENSE +1 -1
- data/README.rdoc +12 -6
- data/lib/action_view/base.rb +115 -43
- data/lib/action_view/buffers.rb +22 -4
- data/lib/action_view/cache_expiry.rb +52 -0
- data/lib/action_view/context.rb +8 -12
- data/lib/action_view/dependency_tracker.rb +61 -21
- data/lib/action_view/digestor.rb +89 -84
- data/lib/action_view/flows.rb +12 -13
- data/lib/action_view/gem_version.rb +6 -4
- data/lib/action_view/helpers/active_model_helper.rb +16 -11
- data/lib/action_view/helpers/asset_tag_helper.rb +311 -105
- data/lib/action_view/helpers/asset_url_helper.rb +197 -80
- data/lib/action_view/helpers/atom_feed_helper.rb +20 -17
- data/lib/action_view/helpers/cache_helper.rb +109 -45
- data/lib/action_view/helpers/capture_helper.rb +20 -22
- data/lib/action_view/helpers/controller_helper.rb +15 -4
- data/lib/action_view/helpers/csp_helper.rb +26 -0
- data/lib/action_view/helpers/csrf_helper.rb +8 -6
- data/lib/action_view/helpers/date_helper.rb +245 -140
- data/lib/action_view/helpers/debug_helper.rb +14 -17
- data/lib/action_view/helpers/form_helper.rb +875 -148
- data/lib/action_view/helpers/form_options_helper.rb +128 -82
- data/lib/action_view/helpers/form_tag_helper.rb +253 -91
- data/lib/action_view/helpers/javascript_helper.rb +37 -15
- data/lib/action_view/helpers/number_helper.rb +100 -77
- data/lib/action_view/helpers/output_safety_helper.rb +42 -10
- data/lib/action_view/helpers/rendering_helper.rb +26 -15
- data/lib/action_view/helpers/sanitize_helper.rb +79 -164
- data/lib/action_view/helpers/tag_helper.rb +277 -64
- data/lib/action_view/helpers/tags/base.rb +143 -92
- data/lib/action_view/helpers/tags/check_box.rb +20 -19
- data/lib/action_view/helpers/tags/checkable.rb +4 -2
- data/lib/action_view/helpers/tags/collection_check_boxes.rb +12 -30
- data/lib/action_view/helpers/tags/collection_helpers.rb +69 -36
- data/lib/action_view/helpers/tags/collection_radio_buttons.rb +6 -12
- data/lib/action_view/helpers/tags/collection_select.rb +4 -2
- data/lib/action_view/helpers/tags/color_field.rb +4 -3
- data/lib/action_view/helpers/tags/date_field.rb +3 -2
- data/lib/action_view/helpers/tags/date_select.rb +38 -37
- data/lib/action_view/helpers/tags/datetime_field.rb +14 -5
- data/lib/action_view/helpers/tags/datetime_local_field.rb +3 -2
- data/lib/action_view/helpers/tags/datetime_select.rb +2 -0
- data/lib/action_view/helpers/tags/email_field.rb +2 -0
- data/lib/action_view/helpers/tags/file_field.rb +2 -0
- data/lib/action_view/helpers/tags/grouped_collection_select.rb +4 -2
- data/lib/action_view/helpers/tags/hidden_field.rb +2 -0
- data/lib/action_view/helpers/tags/label.rb +41 -22
- data/lib/action_view/helpers/tags/month_field.rb +3 -2
- data/lib/action_view/helpers/tags/number_field.rb +2 -0
- data/lib/action_view/helpers/tags/password_field.rb +3 -1
- data/lib/action_view/helpers/tags/placeholderable.rb +24 -0
- data/lib/action_view/helpers/tags/radio_button.rb +7 -6
- data/lib/action_view/helpers/tags/range_field.rb +2 -0
- data/lib/action_view/helpers/tags/search_field.rb +3 -0
- data/lib/action_view/helpers/tags/select.rb +11 -10
- data/lib/action_view/helpers/tags/tel_field.rb +2 -0
- data/lib/action_view/helpers/tags/text_area.rb +7 -1
- data/lib/action_view/helpers/tags/text_field.rb +11 -7
- data/lib/action_view/helpers/tags/time_field.rb +3 -2
- data/lib/action_view/helpers/tags/time_select.rb +2 -0
- data/lib/action_view/helpers/tags/time_zone_select.rb +3 -1
- data/lib/action_view/helpers/tags/translator.rb +39 -0
- data/lib/action_view/helpers/tags/url_field.rb +2 -0
- data/lib/action_view/helpers/tags/week_field.rb +3 -2
- data/lib/action_view/helpers/tags.rb +4 -1
- data/lib/action_view/helpers/text_helper.rb +80 -45
- data/lib/action_view/helpers/translation_helper.rb +148 -67
- data/lib/action_view/helpers/url_helper.rb +289 -147
- data/lib/action_view/helpers.rb +5 -3
- data/lib/action_view/layouts.rb +68 -63
- data/lib/action_view/log_subscriber.rb +80 -13
- data/lib/action_view/lookup_context.rb +137 -92
- data/lib/action_view/model_naming.rb +4 -2
- data/lib/action_view/path_set.rb +30 -16
- data/lib/action_view/railtie.rb +62 -13
- data/lib/action_view/record_identifier.rb +53 -26
- data/lib/action_view/renderer/abstract_renderer.rb +152 -13
- data/lib/action_view/renderer/collection_renderer.rb +196 -0
- data/lib/action_view/renderer/object_renderer.rb +34 -0
- data/lib/action_view/renderer/partial_renderer/collection_caching.rb +102 -0
- data/lib/action_view/renderer/partial_renderer.rb +61 -261
- data/lib/action_view/renderer/renderer.rb +67 -6
- data/lib/action_view/renderer/streaming_template_renderer.rb +58 -54
- data/lib/action_view/renderer/template_renderer.rb +83 -75
- data/lib/action_view/rendering.rb +73 -46
- data/lib/action_view/routing_url_for.rb +54 -17
- data/lib/action_view/tasks/cache_digests.rake +25 -0
- data/lib/action_view/template/error.rb +44 -29
- data/lib/action_view/template/handlers/builder.rb +12 -13
- data/lib/action_view/template/handlers/erb/erubi.rb +89 -0
- data/lib/action_view/template/handlers/erb.rb +23 -89
- data/lib/action_view/template/handlers/html.rb +11 -0
- data/lib/action_view/template/handlers/raw.rb +4 -4
- data/lib/action_view/template/handlers.rb +22 -9
- data/lib/action_view/template/html.rb +10 -11
- data/lib/action_view/template/inline.rb +22 -0
- data/lib/action_view/template/raw_file.rb +25 -0
- data/lib/action_view/template/renderable.rb +24 -0
- data/lib/action_view/template/resolver.rb +267 -181
- data/lib/action_view/template/sources/file.rb +17 -0
- data/lib/action_view/template/sources.rb +13 -0
- data/lib/action_view/template/text.rb +8 -10
- data/lib/action_view/template/types.rb +18 -18
- data/lib/action_view/template.rb +109 -99
- data/lib/action_view/test_case.rb +73 -53
- data/lib/action_view/testing/resolvers.rb +24 -33
- data/lib/action_view/unbound_template.rb +31 -0
- data/lib/action_view/version.rb +3 -1
- data/lib/action_view/view_paths.rb +74 -44
- data/lib/action_view.rb +14 -9
- data/lib/assets/compiled/rails-ujs.js +746 -0
- metadata +71 -26
- data/lib/action_view/helpers/record_tag_helper.rb +0 -108
- data/lib/action_view/tasks/dependencies.rake +0 -23
- data/lib/action_view/vendor/html-scanner/html/document.rb +0 -68
- data/lib/action_view/vendor/html-scanner/html/node.rb +0 -532
- data/lib/action_view/vendor/html-scanner/html/sanitizer.rb +0 -188
- data/lib/action_view/vendor/html-scanner/html/selector.rb +0 -830
- data/lib/action_view/vendor/html-scanner/html/tokenizer.rb +0 -107
- data/lib/action_view/vendor/html-scanner/html/version.rb +0 -11
- data/lib/action_view/vendor/html-scanner.rb +0 -20
@@ -1,6 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "action_dispatch/routing/polymorphic_routes"
|
4
|
+
|
1
5
|
module ActionView
|
2
6
|
module RoutingUrlFor
|
3
|
-
|
4
7
|
# Returns the URL for the set of +options+ provided. This takes the
|
5
8
|
# same options as +url_for+ in Action Controller (see the
|
6
9
|
# documentation for <tt>ActionController::Base#url_for</tt>). Note that by default
|
@@ -30,7 +33,7 @@ module ActionView
|
|
30
33
|
#
|
31
34
|
# ==== Examples
|
32
35
|
# <%= url_for(action: 'index') %>
|
33
|
-
# # => /
|
36
|
+
# # => /blogs/
|
34
37
|
#
|
35
38
|
# <%= url_for(action: 'find', controller: 'books') %>
|
36
39
|
# # => /books/find
|
@@ -77,16 +80,41 @@ module ActionView
|
|
77
80
|
case options
|
78
81
|
when String
|
79
82
|
options
|
80
|
-
when nil
|
81
|
-
|
82
|
-
|
83
|
-
|
83
|
+
when nil
|
84
|
+
super(only_path: _generate_paths_by_default)
|
85
|
+
when Hash
|
86
|
+
options = options.symbolize_keys
|
87
|
+
ensure_only_path_option(options)
|
88
|
+
|
89
|
+
super(options)
|
90
|
+
when ActionController::Parameters
|
91
|
+
ensure_only_path_option(options)
|
92
|
+
|
93
|
+
super(options)
|
84
94
|
when :back
|
85
95
|
_back_url
|
86
96
|
when Array
|
87
|
-
|
97
|
+
components = options.dup
|
98
|
+
options = components.extract_options!
|
99
|
+
ensure_only_path_option(options)
|
100
|
+
|
101
|
+
if options[:only_path]
|
102
|
+
polymorphic_path(components, options)
|
103
|
+
else
|
104
|
+
polymorphic_url(components, options)
|
105
|
+
end
|
88
106
|
else
|
89
|
-
|
107
|
+
method = _generate_paths_by_default ? :path : :url
|
108
|
+
builder = ActionDispatch::Routing::PolymorphicRoutes::HelperMethodBuilder.public_send(method)
|
109
|
+
|
110
|
+
case options
|
111
|
+
when Symbol
|
112
|
+
builder.handle_string_call(self, options)
|
113
|
+
when Class
|
114
|
+
builder.handle_class_call(self, options)
|
115
|
+
else
|
116
|
+
builder.handle_model_call(self, options)
|
117
|
+
end
|
90
118
|
end
|
91
119
|
end
|
92
120
|
|
@@ -95,15 +123,24 @@ module ActionView
|
|
95
123
|
controller.url_options
|
96
124
|
end
|
97
125
|
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
126
|
+
private
|
127
|
+
def _routes_context
|
128
|
+
controller
|
129
|
+
end
|
102
130
|
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
131
|
+
def optimize_routes_generation?
|
132
|
+
controller.respond_to?(:optimize_routes_generation?, true) ?
|
133
|
+
controller.optimize_routes_generation? : super
|
134
|
+
end
|
135
|
+
|
136
|
+
def _generate_paths_by_default
|
137
|
+
true
|
138
|
+
end
|
139
|
+
|
140
|
+
def ensure_only_path_option(options)
|
141
|
+
unless options.key?(:only_path)
|
142
|
+
options[:only_path] = _generate_paths_by_default unless options[:host]
|
143
|
+
end
|
144
|
+
end
|
108
145
|
end
|
109
146
|
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
namespace :cache_digests do
|
4
|
+
desc "Lookup nested dependencies for TEMPLATE (like messages/show or comments/_comment.html)"
|
5
|
+
task nested_dependencies: :environment do
|
6
|
+
abort "You must provide TEMPLATE for the task to run" unless ENV["TEMPLATE"].present?
|
7
|
+
puts JSON.pretty_generate ActionView::Digestor.tree(CacheDigests.template_name, CacheDigests.finder).children.map(&:to_dep_map)
|
8
|
+
end
|
9
|
+
|
10
|
+
desc "Lookup first-level dependencies for TEMPLATE (like messages/show or comments/_comment.html)"
|
11
|
+
task dependencies: :environment do
|
12
|
+
abort "You must provide TEMPLATE for the task to run" unless ENV["TEMPLATE"].present?
|
13
|
+
puts JSON.pretty_generate ActionView::Digestor.tree(CacheDigests.template_name, CacheDigests.finder).children.map(&:name)
|
14
|
+
end
|
15
|
+
|
16
|
+
class CacheDigests
|
17
|
+
def self.template_name
|
18
|
+
ENV["TEMPLATE"].split(".", 2).first
|
19
|
+
end
|
20
|
+
|
21
|
+
def self.finder
|
22
|
+
ApplicationController.new.lookup_context
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require "active_support/core_ext/enumerable"
|
2
4
|
|
3
5
|
module ActionView
|
@@ -8,9 +10,6 @@ module ActionView
|
|
8
10
|
class EncodingError < StandardError #:nodoc:
|
9
11
|
end
|
10
12
|
|
11
|
-
class MissingRequestError < StandardError #:nodoc:
|
12
|
-
end
|
13
|
-
|
14
13
|
class WrongEncodingError < EncodingError #:nodoc:
|
15
14
|
def initialize(string, encoding)
|
16
15
|
@string, @encoding = string, encoding
|
@@ -35,10 +34,10 @@ module ActionView
|
|
35
34
|
prefixes = Array(prefixes)
|
36
35
|
template_type = if partial
|
37
36
|
"partial"
|
38
|
-
elsif
|
39
|
-
|
37
|
+
elsif /layouts/i.match?(path)
|
38
|
+
"layout"
|
40
39
|
else
|
41
|
-
|
40
|
+
"template"
|
42
41
|
end
|
43
42
|
|
44
43
|
if partial && path.present?
|
@@ -59,13 +58,14 @@ module ActionView
|
|
59
58
|
class Error < ActionViewError #:nodoc:
|
60
59
|
SOURCE_CODE_RADIUS = 3
|
61
60
|
|
62
|
-
|
61
|
+
# Override to prevent #cause resetting during re-raise.
|
62
|
+
attr_reader :cause
|
63
63
|
|
64
|
-
def initialize(template
|
65
|
-
super(
|
66
|
-
|
67
|
-
@
|
68
|
-
|
64
|
+
def initialize(template)
|
65
|
+
super($!.message)
|
66
|
+
set_backtrace($!.backtrace)
|
67
|
+
@cause = $!
|
68
|
+
@template, @sub_templates = template, nil
|
69
69
|
end
|
70
70
|
|
71
71
|
def file_name
|
@@ -75,25 +75,25 @@ module ActionView
|
|
75
75
|
def sub_template_message
|
76
76
|
if @sub_templates
|
77
77
|
"Trace of template inclusion: " +
|
78
|
-
@sub_templates.collect
|
78
|
+
@sub_templates.collect(&:inspect).join(", ")
|
79
79
|
else
|
80
80
|
""
|
81
81
|
end
|
82
82
|
end
|
83
83
|
|
84
|
-
def source_extract(indentation = 0
|
85
|
-
return unless num = line_number
|
84
|
+
def source_extract(indentation = 0)
|
85
|
+
return [] unless num = line_number
|
86
86
|
num = num.to_i
|
87
87
|
|
88
|
-
source_code = @template.
|
88
|
+
source_code = @template.encode!.split("\n")
|
89
89
|
|
90
90
|
start_on_line = [ num - SOURCE_CODE_RADIUS - 1, 0 ].max
|
91
91
|
end_on_line = [ num + SOURCE_CODE_RADIUS - 1, source_code.length].min
|
92
92
|
|
93
93
|
indent = end_on_line.to_s.size + indentation
|
94
|
-
return unless source_code = source_code[start_on_line..end_on_line]
|
94
|
+
return [] unless source_code = source_code[start_on_line..end_on_line]
|
95
95
|
|
96
|
-
formatted_code_for(source_code, start_on_line, indent
|
96
|
+
formatted_code_for(source_code, start_on_line, indent)
|
97
97
|
end
|
98
98
|
|
99
99
|
def sub_template_of(template_path)
|
@@ -109,33 +109,48 @@ module ActionView
|
|
109
109
|
end
|
110
110
|
end
|
111
111
|
|
112
|
-
def
|
112
|
+
def annotated_source_code
|
113
113
|
source_extract(4)
|
114
114
|
end
|
115
115
|
|
116
116
|
private
|
117
|
-
|
118
117
|
def source_location
|
119
118
|
if line_number
|
120
119
|
"on line ##{line_number} of "
|
121
120
|
else
|
122
|
-
|
121
|
+
"in "
|
123
122
|
end + file_name
|
124
123
|
end
|
125
124
|
|
126
|
-
def formatted_code_for(source_code, line_counter, indent
|
127
|
-
|
128
|
-
source_code.
|
125
|
+
def formatted_code_for(source_code, line_counter, indent)
|
126
|
+
indent_template = "%#{indent}s: %s"
|
127
|
+
source_code.map do |line|
|
129
128
|
line_counter += 1
|
130
|
-
|
131
|
-
result.update(line_counter.to_s => "%#{indent}s %s\n" % ["", line])
|
132
|
-
else
|
133
|
-
result << "%#{indent}s: %s\n" % [line_counter, line]
|
134
|
-
end
|
129
|
+
indent_template % [line_counter, line]
|
135
130
|
end
|
136
131
|
end
|
137
132
|
end
|
138
133
|
end
|
139
134
|
|
140
135
|
TemplateError = Template::Error
|
136
|
+
|
137
|
+
class SyntaxErrorInTemplate < TemplateError #:nodoc
|
138
|
+
def initialize(template, offending_code_string)
|
139
|
+
@offending_code_string = offending_code_string
|
140
|
+
super(template)
|
141
|
+
end
|
142
|
+
|
143
|
+
def message
|
144
|
+
<<~MESSAGE
|
145
|
+
Encountered a syntax error while rendering template: check #{@offending_code_string}
|
146
|
+
MESSAGE
|
147
|
+
end
|
148
|
+
|
149
|
+
def annotated_source_code
|
150
|
+
@offending_code_string.split("\n").map.with_index(1) { |line, index|
|
151
|
+
indentation = " " * 4
|
152
|
+
"#{index}:#{indentation}#{line}"
|
153
|
+
}
|
154
|
+
end
|
155
|
+
end
|
141
156
|
end
|
@@ -1,26 +1,25 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module ActionView
|
2
4
|
module Template::Handlers
|
3
5
|
class Builder
|
4
|
-
|
5
|
-
class_attribute :default_format
|
6
|
-
self.default_format = :xml
|
6
|
+
class_attribute :default_format, default: :xml
|
7
7
|
|
8
|
-
def call(template)
|
8
|
+
def call(template, source)
|
9
9
|
require_engine
|
10
|
-
"xml = ::Builder::XmlMarkup.new(:indent => 2);"
|
10
|
+
"xml = ::Builder::XmlMarkup.new(:indent => 2);" \
|
11
11
|
"self.output_buffer = xml.target!;" +
|
12
|
-
|
12
|
+
source +
|
13
13
|
";xml.target!;"
|
14
14
|
end
|
15
15
|
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
16
|
+
private
|
17
|
+
def require_engine # :doc:
|
18
|
+
@required ||= begin
|
19
|
+
require "builder"
|
20
|
+
true
|
21
|
+
end
|
22
22
|
end
|
23
|
-
end
|
24
23
|
end
|
25
24
|
end
|
26
25
|
end
|
@@ -0,0 +1,89 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "erubi"
|
4
|
+
|
5
|
+
module ActionView
|
6
|
+
class Template
|
7
|
+
module Handlers
|
8
|
+
class ERB
|
9
|
+
class Erubi < ::Erubi::Engine
|
10
|
+
# :nodoc: all
|
11
|
+
def initialize(input, properties = {})
|
12
|
+
@newline_pending = 0
|
13
|
+
|
14
|
+
# Dup properties so that we don't modify argument
|
15
|
+
properties = Hash[properties]
|
16
|
+
|
17
|
+
properties[:bufvar] ||= "@output_buffer"
|
18
|
+
properties[:preamble] ||= ""
|
19
|
+
properties[:postamble] ||= "#{properties[:bufvar]}.to_s"
|
20
|
+
|
21
|
+
properties[:escapefunc] = ""
|
22
|
+
|
23
|
+
super
|
24
|
+
end
|
25
|
+
|
26
|
+
def evaluate(action_view_erb_handler_context)
|
27
|
+
src = @src
|
28
|
+
view = Class.new(ActionView::Base) {
|
29
|
+
include action_view_erb_handler_context._routes.url_helpers
|
30
|
+
class_eval("define_method(:_template) { |local_assigns, output_buffer| #{src} }", defined?(@filename) ? @filename : "(erubi)", 0)
|
31
|
+
}.empty
|
32
|
+
view._run(:_template, nil, {}, ActionView::OutputBuffer.new)
|
33
|
+
end
|
34
|
+
|
35
|
+
private
|
36
|
+
def add_text(text)
|
37
|
+
return if text.empty?
|
38
|
+
|
39
|
+
if text == "\n"
|
40
|
+
@newline_pending += 1
|
41
|
+
else
|
42
|
+
src << bufvar << ".safe_append='"
|
43
|
+
src << "\n" * @newline_pending if @newline_pending > 0
|
44
|
+
src << text.gsub(/['\\]/, '\\\\\&')
|
45
|
+
src << "'.freeze;"
|
46
|
+
|
47
|
+
@newline_pending = 0
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
BLOCK_EXPR = /\s*((\s+|\))do|\{)(\s*\|[^|]*\|)?\s*\Z/
|
52
|
+
|
53
|
+
def add_expression(indicator, code)
|
54
|
+
flush_newline_if_pending(src)
|
55
|
+
|
56
|
+
if (indicator == "==") || @escape
|
57
|
+
src << bufvar << ".safe_expr_append="
|
58
|
+
else
|
59
|
+
src << bufvar << ".append="
|
60
|
+
end
|
61
|
+
|
62
|
+
if BLOCK_EXPR.match?(code)
|
63
|
+
src << " " << code
|
64
|
+
else
|
65
|
+
src << "(" << code << ");"
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
def add_code(code)
|
70
|
+
flush_newline_if_pending(src)
|
71
|
+
super
|
72
|
+
end
|
73
|
+
|
74
|
+
def add_postamble(_)
|
75
|
+
flush_newline_if_pending(src)
|
76
|
+
super
|
77
|
+
end
|
78
|
+
|
79
|
+
def flush_newline_if_pending(src)
|
80
|
+
if @newline_pending > 0
|
81
|
+
src << bufvar << ".safe_append='#{"\n" * @newline_pending}'.freeze;"
|
82
|
+
@newline_pending = 0
|
83
|
+
end
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
87
|
+
end
|
88
|
+
end
|
89
|
+
end
|
@@ -1,96 +1,25 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
3
|
module ActionView
|
4
4
|
class Template
|
5
5
|
module Handlers
|
6
|
-
class Erubis < ::Erubis::Eruby
|
7
|
-
def add_preamble(src)
|
8
|
-
@newline_pending = 0
|
9
|
-
src << "@output_buffer = output_buffer || ActionView::OutputBuffer.new;"
|
10
|
-
end
|
11
|
-
|
12
|
-
def add_text(src, text)
|
13
|
-
return if text.empty?
|
14
|
-
|
15
|
-
if text == "\n"
|
16
|
-
@newline_pending += 1
|
17
|
-
else
|
18
|
-
src << "@output_buffer.safe_append='"
|
19
|
-
src << "\n" * @newline_pending if @newline_pending > 0
|
20
|
-
src << escape_text(text)
|
21
|
-
src << "'.freeze;"
|
22
|
-
|
23
|
-
@newline_pending = 0
|
24
|
-
end
|
25
|
-
end
|
26
|
-
|
27
|
-
# Erubis toggles <%= and <%== behavior when escaping is enabled.
|
28
|
-
# We override to always treat <%== as escaped.
|
29
|
-
def add_expr(src, code, indicator)
|
30
|
-
case indicator
|
31
|
-
when '=='
|
32
|
-
add_expr_escaped(src, code)
|
33
|
-
else
|
34
|
-
super
|
35
|
-
end
|
36
|
-
end
|
37
|
-
|
38
|
-
BLOCK_EXPR = /\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/
|
39
|
-
|
40
|
-
def add_expr_literal(src, code)
|
41
|
-
flush_newline_if_pending(src)
|
42
|
-
if code =~ BLOCK_EXPR
|
43
|
-
src << '@output_buffer.append= ' << code
|
44
|
-
else
|
45
|
-
src << '@output_buffer.append=(' << code << ');'
|
46
|
-
end
|
47
|
-
end
|
48
|
-
|
49
|
-
def add_expr_escaped(src, code)
|
50
|
-
flush_newline_if_pending(src)
|
51
|
-
if code =~ BLOCK_EXPR
|
52
|
-
src << "@output_buffer.safe_append= " << code
|
53
|
-
else
|
54
|
-
src << "@output_buffer.safe_append=(" << code << ");"
|
55
|
-
end
|
56
|
-
end
|
57
|
-
|
58
|
-
def add_stmt(src, code)
|
59
|
-
flush_newline_if_pending(src)
|
60
|
-
super
|
61
|
-
end
|
62
|
-
|
63
|
-
def add_postamble(src)
|
64
|
-
flush_newline_if_pending(src)
|
65
|
-
src << '@output_buffer.to_s'
|
66
|
-
end
|
67
|
-
|
68
|
-
def flush_newline_if_pending(src)
|
69
|
-
if @newline_pending > 0
|
70
|
-
src << "@output_buffer.safe_append='#{"\n" * @newline_pending}'.freeze;"
|
71
|
-
@newline_pending = 0
|
72
|
-
end
|
73
|
-
end
|
74
|
-
end
|
75
|
-
|
76
6
|
class ERB
|
7
|
+
autoload :Erubi, "action_view/template/handlers/erb/erubi"
|
8
|
+
|
77
9
|
# Specify trim mode for the ERB compiler. Defaults to '-'.
|
78
10
|
# See ERB documentation for suitable values.
|
79
|
-
class_attribute :erb_trim_mode
|
80
|
-
self.erb_trim_mode = '-'
|
11
|
+
class_attribute :erb_trim_mode, default: "-"
|
81
12
|
|
82
13
|
# Default implementation used.
|
83
|
-
class_attribute :erb_implementation
|
84
|
-
self.erb_implementation = Erubis
|
14
|
+
class_attribute :erb_implementation, default: Erubi
|
85
15
|
|
86
16
|
# Do not escape templates of these mime types.
|
87
|
-
class_attribute :
|
88
|
-
self.escape_whitelist = ["text/plain"]
|
17
|
+
class_attribute :escape_ignore_list, default: ["text/plain"]
|
89
18
|
|
90
19
|
ENCODING_TAG = Regexp.new("\\A(<%#{ENCODING_FLAG}-?%>)[ \\t]*")
|
91
20
|
|
92
|
-
def self.call(template)
|
93
|
-
new.call(template)
|
21
|
+
def self.call(template, source)
|
22
|
+
new.call(template, source)
|
94
23
|
end
|
95
24
|
|
96
25
|
def supports_streaming?
|
@@ -101,30 +30,35 @@ module ActionView
|
|
101
30
|
true
|
102
31
|
end
|
103
32
|
|
104
|
-
def call(template)
|
33
|
+
def call(template, source)
|
105
34
|
# First, convert to BINARY, so in case the encoding is
|
106
35
|
# wrong, we can still find an encoding tag
|
107
36
|
# (<%# encoding %>) inside the String using a regular
|
108
37
|
# expression
|
109
|
-
template_source =
|
38
|
+
template_source = source.b
|
110
39
|
|
111
|
-
erb = template_source.gsub(ENCODING_TAG,
|
40
|
+
erb = template_source.gsub(ENCODING_TAG, "")
|
112
41
|
encoding = $2
|
113
42
|
|
114
|
-
erb.force_encoding valid_encoding(
|
43
|
+
erb.force_encoding valid_encoding(source.dup, encoding)
|
115
44
|
|
116
45
|
# Always make sure we return a String in the default_internal
|
117
46
|
erb.encode!
|
118
47
|
|
119
|
-
|
120
|
-
|
121
|
-
:
|
122
|
-
|
123
|
-
|
48
|
+
options = {
|
49
|
+
escape: (self.class.escape_ignore_list.include? template.type),
|
50
|
+
trim: (self.class.erb_trim_mode == "-")
|
51
|
+
}
|
52
|
+
|
53
|
+
if ActionView::Base.annotate_rendered_view_with_filenames && template.format == :html
|
54
|
+
options[:preamble] = "@output_buffer.safe_append='<!-- BEGIN #{template.short_identifier} -->';"
|
55
|
+
options[:postamble] = "@output_buffer.safe_append='<!-- END #{template.short_identifier} -->';@output_buffer.to_s"
|
56
|
+
end
|
57
|
+
|
58
|
+
self.class.erb_implementation.new(erb, options).src
|
124
59
|
end
|
125
60
|
|
126
61
|
private
|
127
|
-
|
128
62
|
def valid_encoding(string, encoding)
|
129
63
|
# If a magic encoding comment was found, tag the
|
130
64
|
# String with this encoding. This is for a case
|