actionview 7.1.2 → 7.1.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +78 -0
- data/lib/action_view/base.rb +1 -2
- data/lib/action_view/gem_version.rb +2 -2
- data/lib/action_view/helpers/asset_tag_helper.rb +3 -3
- data/lib/action_view/helpers/cache_helper.rb +4 -4
- data/lib/action_view/helpers/form_helper.rb +8 -4
- data/lib/action_view/helpers/form_tag_helper.rb +6 -6
- data/lib/action_view/helpers/number_helper.rb +35 -329
- data/lib/action_view/helpers/sanitize_helper.rb +25 -14
- data/lib/action_view/helpers/text_helper.rb +124 -68
- data/lib/action_view/helpers/url_helper.rb +5 -3
- data/lib/action_view/layouts.rb +2 -2
- data/lib/action_view/template.rb +11 -4
- data/lib/action_view/test_case.rb +7 -7
- data/lib/action_view/unbound_template.rb +4 -4
- data/lib/action_view.rb +1 -1
- metadata +15 -16
- data/lib/assets/compiled/rails-ujs.js +0 -777
|
@@ -15,11 +15,11 @@ module ActionView
|
|
|
15
15
|
|
|
16
16
|
# Sanitizes HTML input, stripping all but known-safe tags and attributes.
|
|
17
17
|
#
|
|
18
|
-
# It also strips href/src attributes with unsafe protocols like
|
|
18
|
+
# It also strips +href+ / +src+ attributes with unsafe protocols like +javascript:+, while
|
|
19
19
|
# also protecting against attempts to use Unicode, ASCII, and hex character references to work
|
|
20
20
|
# around these protocol filters.
|
|
21
21
|
#
|
|
22
|
-
# The default sanitizer is Rails::HTML5::SafeListSanitizer
|
|
22
|
+
# The default sanitizer is +Rails::HTML5::SafeListSanitizer+. See {Rails HTML
|
|
23
23
|
# Sanitizers}[https://github.com/rails/rails-html-sanitizer] for more information.
|
|
24
24
|
#
|
|
25
25
|
# Custom sanitization rules can also be provided.
|
|
@@ -29,24 +29,29 @@ module ActionView
|
|
|
29
29
|
#
|
|
30
30
|
# ==== Options
|
|
31
31
|
#
|
|
32
|
-
#
|
|
33
|
-
#
|
|
34
|
-
#
|
|
32
|
+
# [+:tags+]
|
|
33
|
+
# An array of allowed tags.
|
|
34
|
+
#
|
|
35
|
+
# [+:attributes+]
|
|
36
|
+
# An array of allowed attributes.
|
|
37
|
+
#
|
|
38
|
+
# [+:scrubber+]
|
|
39
|
+
# A {Rails::HTML scrubber}[https://github.com/rails/rails-html-sanitizer]
|
|
35
40
|
# or {Loofah::Scrubber}[https://github.com/flavorjones/loofah] object that
|
|
36
41
|
# defines custom sanitization rules. A custom scrubber takes precedence over
|
|
37
42
|
# custom tags and attributes.
|
|
38
43
|
#
|
|
39
44
|
# ==== Examples
|
|
40
45
|
#
|
|
41
|
-
# Normal use
|
|
46
|
+
# ===== Normal use
|
|
42
47
|
#
|
|
43
48
|
# <%= sanitize @comment.body %>
|
|
44
49
|
#
|
|
45
|
-
# Providing custom lists of permitted tags and attributes
|
|
50
|
+
# ===== Providing custom lists of permitted tags and attributes
|
|
46
51
|
#
|
|
47
52
|
# <%= sanitize @comment.body, tags: %w(strong em a), attributes: %w(href) %>
|
|
48
53
|
#
|
|
49
|
-
# Providing a custom Rails::HTML scrubber
|
|
54
|
+
# ===== Providing a custom +Rails::HTML+ scrubber
|
|
50
55
|
#
|
|
51
56
|
# class CommentScrubber < Rails::HTML::PermitScrubber
|
|
52
57
|
# def initialize
|
|
@@ -60,21 +65,27 @@ module ActionView
|
|
|
60
65
|
# end
|
|
61
66
|
# end
|
|
62
67
|
#
|
|
68
|
+
# <code></code>
|
|
69
|
+
#
|
|
63
70
|
# <%= sanitize @comment.body, scrubber: CommentScrubber.new %>
|
|
64
71
|
#
|
|
65
72
|
# See {Rails HTML Sanitizer}[https://github.com/rails/rails-html-sanitizer] for
|
|
66
|
-
# documentation about Rails::HTML scrubbers.
|
|
73
|
+
# documentation about +Rails::HTML+ scrubbers.
|
|
67
74
|
#
|
|
68
|
-
# Providing a custom Loofah::Scrubber
|
|
75
|
+
# ===== Providing a custom +Loofah::Scrubber+
|
|
69
76
|
#
|
|
70
77
|
# scrubber = Loofah::Scrubber.new do |node|
|
|
71
78
|
# node.remove if node.name == 'script'
|
|
72
79
|
# end
|
|
73
80
|
#
|
|
81
|
+
# <code></code>
|
|
82
|
+
#
|
|
74
83
|
# <%= sanitize @comment.body, scrubber: scrubber %>
|
|
75
84
|
#
|
|
76
85
|
# See {Loofah's documentation}[https://github.com/flavorjones/loofah] for more
|
|
77
|
-
# information about defining custom Loofah::Scrubber objects.
|
|
86
|
+
# information about defining custom +Loofah::Scrubber+ objects.
|
|
87
|
+
#
|
|
88
|
+
# ==== Global Configuration
|
|
78
89
|
#
|
|
79
90
|
# To set the default allowed tags or attributes across your application:
|
|
80
91
|
#
|
|
@@ -95,13 +106,13 @@ module ActionView
|
|
|
95
106
|
# # In config/application.rb
|
|
96
107
|
# config.action_view.sanitizer_vendor = Rails::HTML5::Sanitizer
|
|
97
108
|
#
|
|
98
|
-
# NOTE: Rails::HTML5::Sanitizer is not supported on JRuby, so on JRuby platforms \Rails will
|
|
99
|
-
# fall back to
|
|
109
|
+
# NOTE: +Rails::HTML5::Sanitizer+ is not supported on JRuby, so on JRuby platforms \Rails will
|
|
110
|
+
# fall back to using +Rails::HTML4::Sanitizer+.
|
|
100
111
|
def sanitize(html, options = {})
|
|
101
112
|
self.class.safe_list_sanitizer.sanitize(html, options)&.html_safe
|
|
102
113
|
end
|
|
103
114
|
|
|
104
|
-
# Sanitizes a block of CSS code. Used by
|
|
115
|
+
# Sanitizes a block of CSS code. Used by #sanitize when it comes across a style attribute.
|
|
105
116
|
def sanitize_css(style)
|
|
106
117
|
self.class.safe_list_sanitizer.sanitize_css(style)
|
|
107
118
|
end
|
|
@@ -41,21 +41,25 @@ module ActionView
|
|
|
41
41
|
include OutputSafetyHelper
|
|
42
42
|
|
|
43
43
|
# The preferred method of outputting text in your views is to use the
|
|
44
|
-
#
|
|
44
|
+
# <tt><%= "text" %></tt> eRuby syntax. The regular +puts+ and +print+ methods
|
|
45
45
|
# do not operate as expected in an eRuby code block. If you absolutely must
|
|
46
|
-
# output text within a non-output code block (i.e.,
|
|
46
|
+
# output text within a non-output code block (i.e., <tt><% %></tt>), you
|
|
47
|
+
# can use the +concat+ method.
|
|
48
|
+
#
|
|
49
|
+
# <% concat "hello" %> is equivalent to <%= "hello" %>
|
|
47
50
|
#
|
|
48
51
|
# <%
|
|
49
|
-
#
|
|
50
|
-
#
|
|
51
|
-
#
|
|
52
|
-
# if logged_in
|
|
53
|
-
# concat "Logged in!"
|
|
54
|
-
# else
|
|
55
|
-
# concat link_to('login', action: :login)
|
|
56
|
-
# end
|
|
57
|
-
# # will either display "Logged in!" or a login link
|
|
52
|
+
# unless signed_in?
|
|
53
|
+
# concat link_to("Sign In", action: :sign_in)
|
|
54
|
+
# end
|
|
58
55
|
# %>
|
|
56
|
+
#
|
|
57
|
+
# is equivalent to
|
|
58
|
+
#
|
|
59
|
+
# <% unless signed_in? %>
|
|
60
|
+
# <%= link_to "Sign In", action: :sign_in %>
|
|
61
|
+
# <% end %>
|
|
62
|
+
#
|
|
59
63
|
def concat(string)
|
|
60
64
|
output_buffer << string
|
|
61
65
|
end
|
|
@@ -64,17 +68,36 @@ module ActionView
|
|
|
64
68
|
output_buffer.respond_to?(:safe_concat) ? output_buffer.safe_concat(string) : concat(string)
|
|
65
69
|
end
|
|
66
70
|
|
|
67
|
-
# Truncates
|
|
68
|
-
#
|
|
69
|
-
#
|
|
71
|
+
# Truncates +text+ if it is longer than a specified +:length+. If +text+
|
|
72
|
+
# is truncated, an omission marker will be appended to the result for a
|
|
73
|
+
# total length not exceeding +:length+.
|
|
74
|
+
#
|
|
75
|
+
# You can also pass a block to render and append extra content after the
|
|
76
|
+
# omission marker when +text+ is truncated. However, this content _can_
|
|
77
|
+
# cause the total length to exceed +:length+ characters.
|
|
78
|
+
#
|
|
79
|
+
# The result will be escaped unless <tt>escape: false</tt> is specified.
|
|
80
|
+
# In any case, the result will be marked HTML-safe. Care should be taken
|
|
81
|
+
# if +text+ might contain HTML tags or entities, because truncation could
|
|
82
|
+
# produce invalid HTML, such as unbalanced or incomplete tags.
|
|
70
83
|
#
|
|
71
|
-
#
|
|
84
|
+
# ==== Options
|
|
85
|
+
#
|
|
86
|
+
# [+:length+]
|
|
87
|
+
# The maximum number of characters that should be returned, excluding
|
|
88
|
+
# any extra content from the block. Defaults to 30.
|
|
72
89
|
#
|
|
73
|
-
#
|
|
90
|
+
# [+:omission+]
|
|
91
|
+
# The string to append after truncating. Defaults to <tt>"..."</tt>.
|
|
74
92
|
#
|
|
75
|
-
#
|
|
76
|
-
#
|
|
77
|
-
#
|
|
93
|
+
# [+:separator+]
|
|
94
|
+
# A string or regexp used to find a breaking point at which to truncate.
|
|
95
|
+
# By default, truncation can occur at any character in +text+.
|
|
96
|
+
#
|
|
97
|
+
# [+:escape+]
|
|
98
|
+
# Whether to escape the result. Defaults to true.
|
|
99
|
+
#
|
|
100
|
+
# ==== Examples
|
|
78
101
|
#
|
|
79
102
|
# truncate("Once upon a time in a world far far away")
|
|
80
103
|
# # => "Once upon a time in a world..."
|
|
@@ -95,7 +118,7 @@ module ActionView
|
|
|
95
118
|
# # => "<p>Once upon a time in a wo..."
|
|
96
119
|
#
|
|
97
120
|
# truncate("Once upon a time in a world far far away") { link_to "Continue", "#" }
|
|
98
|
-
# # => "Once upon a time in a
|
|
121
|
+
# # => "Once upon a time in a world...<a href=\"#\">Continue</a>"
|
|
99
122
|
def truncate(text, options = {}, &block)
|
|
100
123
|
if text
|
|
101
124
|
length = options.fetch(:length, 30)
|
|
@@ -107,33 +130,47 @@ module ActionView
|
|
|
107
130
|
end
|
|
108
131
|
end
|
|
109
132
|
|
|
110
|
-
# Highlights
|
|
111
|
-
#
|
|
112
|
-
#
|
|
113
|
-
#
|
|
114
|
-
#
|
|
115
|
-
#
|
|
133
|
+
# Highlights occurrences of +phrases+ in +text+ by formatting them with a
|
|
134
|
+
# highlighter string. +phrases+ can be one or more strings or regular
|
|
135
|
+
# expressions. The result will be marked HTML safe. By default, +text+ is
|
|
136
|
+
# sanitized before highlighting to prevent possible XSS attacks.
|
|
137
|
+
#
|
|
138
|
+
# If a block is specified, it will be used instead of the highlighter
|
|
139
|
+
# string. Each occurrence of a phrase will be passed to the block, and its
|
|
140
|
+
# return value will be inserted into the final result.
|
|
141
|
+
#
|
|
142
|
+
# ==== Options
|
|
143
|
+
#
|
|
144
|
+
# [+:highlighter+]
|
|
145
|
+
# The highlighter string. Uses <tt>\1</tt> as the placeholder for a
|
|
146
|
+
# phrase, similar to +String#sub+. Defaults to <tt>"<mark>\1</mark>"</tt>.
|
|
147
|
+
# This option is ignored if a block is specified.
|
|
148
|
+
#
|
|
149
|
+
# [+:sanitize+]
|
|
150
|
+
# Whether to sanitize +text+ before highlighting. Defaults to true.
|
|
151
|
+
#
|
|
152
|
+
# ==== Examples
|
|
116
153
|
#
|
|
117
154
|
# highlight('You searched for: rails', 'rails')
|
|
118
|
-
# # => You searched for: <mark>rails</mark>
|
|
155
|
+
# # => "You searched for: <mark>rails</mark>"
|
|
119
156
|
#
|
|
120
157
|
# highlight('You searched for: rails', /for|rails/)
|
|
121
|
-
# # => You searched <mark>for</mark>: <mark>rails</mark>
|
|
158
|
+
# # => "You searched <mark>for</mark>: <mark>rails</mark>"
|
|
122
159
|
#
|
|
123
160
|
# highlight('You searched for: ruby, rails, dhh', 'actionpack')
|
|
124
|
-
# # => You searched for: ruby, rails, dhh
|
|
161
|
+
# # => "You searched for: ruby, rails, dhh"
|
|
125
162
|
#
|
|
126
163
|
# highlight('You searched for: rails', ['for', 'rails'], highlighter: '<em>\1</em>')
|
|
127
|
-
# # => You searched <em>for</em>: <em>rails</em>
|
|
164
|
+
# # => "You searched <em>for</em>: <em>rails</em>"
|
|
128
165
|
#
|
|
129
166
|
# highlight('You searched for: rails', 'rails', highlighter: '<a href="search?q=\1">\1</a>')
|
|
130
|
-
# # => You searched for: <a href
|
|
167
|
+
# # => "You searched for: <a href=\"search?q=rails\">rails</a>"
|
|
131
168
|
#
|
|
132
169
|
# highlight('You searched for: rails', 'rails') { |match| link_to(search_path(q: match, match)) }
|
|
133
|
-
# # => You searched for: <a href
|
|
170
|
+
# # => "You searched for: <a href=\"search?q=rails\">rails</a>"
|
|
134
171
|
#
|
|
135
172
|
# highlight('<a href="javascript:alert(\'no!\')">ruby</a> on rails', 'rails', sanitize: false)
|
|
136
|
-
# # => <a href
|
|
173
|
+
# # => "<a href=\"javascript:alert('no!')\">ruby</a> on <mark>rails</mark>"
|
|
137
174
|
def highlight(text, phrases, options = {}, &block)
|
|
138
175
|
text = sanitize(text) if options.fetch(:sanitize, true)
|
|
139
176
|
|
|
@@ -156,30 +193,45 @@ module ActionView
|
|
|
156
193
|
end.html_safe
|
|
157
194
|
end
|
|
158
195
|
|
|
159
|
-
# Extracts
|
|
160
|
-
#
|
|
161
|
-
#
|
|
162
|
-
#
|
|
163
|
-
#
|
|
164
|
-
#
|
|
196
|
+
# Extracts the first occurrence of +phrase+ plus surrounding text from
|
|
197
|
+
# +text+. An omission marker is prepended / appended if the start / end of
|
|
198
|
+
# the result does not coincide with the start / end of +text+. The result
|
|
199
|
+
# is always stripped in any case. Returns +nil+ if +phrase+ isn't found.
|
|
200
|
+
#
|
|
201
|
+
# ==== Options
|
|
202
|
+
#
|
|
203
|
+
# [+:radius+]
|
|
204
|
+
# The number of characters (or tokens — see +:separator+ option) around
|
|
205
|
+
# +phrase+ to include in the result. Defaults to 100.
|
|
206
|
+
#
|
|
207
|
+
# [+:omission+]
|
|
208
|
+
# The marker to prepend / append when the start / end of the excerpt
|
|
209
|
+
# does not coincide with the start / end of +text+. Defaults to
|
|
210
|
+
# <tt>"..."</tt>.
|
|
211
|
+
#
|
|
212
|
+
# [+:separator+]
|
|
213
|
+
# The separator between tokens to count for +:radius+. Defaults to
|
|
214
|
+
# <tt>""</tt>, which treats each character as a token.
|
|
215
|
+
#
|
|
216
|
+
# ==== Examples
|
|
165
217
|
#
|
|
166
218
|
# excerpt('This is an example', 'an', radius: 5)
|
|
167
|
-
# # => ...s is an exam...
|
|
219
|
+
# # => "...s is an exam..."
|
|
168
220
|
#
|
|
169
221
|
# excerpt('This is an example', 'is', radius: 5)
|
|
170
|
-
# # => This is a...
|
|
222
|
+
# # => "This is a..."
|
|
171
223
|
#
|
|
172
224
|
# excerpt('This is an example', 'is')
|
|
173
|
-
# # => This is an example
|
|
225
|
+
# # => "This is an example"
|
|
174
226
|
#
|
|
175
227
|
# excerpt('This next thing is an example', 'ex', radius: 2)
|
|
176
|
-
# # => ...next...
|
|
228
|
+
# # => "...next..."
|
|
177
229
|
#
|
|
178
230
|
# excerpt('This is also an example', 'an', radius: 8, omission: '<chop> ')
|
|
179
|
-
# # => <chop> is also an example
|
|
231
|
+
# # => "<chop> is also an example"
|
|
180
232
|
#
|
|
181
233
|
# excerpt('This is a very beautiful morning', 'very', separator: ' ', radius: 1)
|
|
182
|
-
# # => ...a very beautiful...
|
|
234
|
+
# # => "...a very beautiful..."
|
|
183
235
|
def excerpt(text, phrase, options = {})
|
|
184
236
|
return unless text && phrase
|
|
185
237
|
|
|
@@ -215,26 +267,26 @@ module ActionView
|
|
|
215
267
|
# Attempts to pluralize the +singular+ word unless +count+ is 1. If
|
|
216
268
|
# +plural+ is supplied, it will use that when count is > 1, otherwise
|
|
217
269
|
# it will use the Inflector to determine the plural form for the given locale,
|
|
218
|
-
# which defaults to I18n.locale
|
|
270
|
+
# which defaults to +I18n.locale+.
|
|
219
271
|
#
|
|
220
272
|
# The word will be pluralized using rules defined for the locale
|
|
221
273
|
# (you must define your own inflection rules for languages other than English).
|
|
222
274
|
# See ActiveSupport::Inflector.pluralize
|
|
223
275
|
#
|
|
224
276
|
# pluralize(1, 'person')
|
|
225
|
-
# # => 1 person
|
|
277
|
+
# # => "1 person"
|
|
226
278
|
#
|
|
227
279
|
# pluralize(2, 'person')
|
|
228
|
-
# # => 2 people
|
|
280
|
+
# # => "2 people"
|
|
229
281
|
#
|
|
230
282
|
# pluralize(3, 'person', plural: 'users')
|
|
231
|
-
# # => 3 users
|
|
283
|
+
# # => "3 users"
|
|
232
284
|
#
|
|
233
285
|
# pluralize(0, 'person')
|
|
234
|
-
# # => 0 people
|
|
286
|
+
# # => "0 people"
|
|
235
287
|
#
|
|
236
288
|
# pluralize(2, 'Person', locale: :de)
|
|
237
|
-
# # => 2 Personen
|
|
289
|
+
# # => "2 Personen"
|
|
238
290
|
def pluralize(count, singular, plural_arg = nil, plural: plural_arg, locale: I18n.locale)
|
|
239
291
|
word = if count == 1 || count.to_s.match?(/^1(\.0+)?$/)
|
|
240
292
|
singular
|
|
@@ -250,22 +302,24 @@ module ActionView
|
|
|
250
302
|
# (which is 80 by default).
|
|
251
303
|
#
|
|
252
304
|
# word_wrap('Once upon a time')
|
|
253
|
-
# # => Once upon a time
|
|
305
|
+
# # => "Once upon a time"
|
|
254
306
|
#
|
|
255
307
|
# word_wrap('Once upon a time, in a kingdom called Far Far Away, a king fell ill, and finding a successor to the throne turned out to be more trouble than anyone could have imagined...')
|
|
256
|
-
# # => Once upon a time, in a kingdom called Far Far Away, a king fell ill, and finding\na successor to the throne turned out to be more trouble than anyone could have\nimagined...
|
|
308
|
+
# # => "Once upon a time, in a kingdom called Far Far Away, a king fell ill, and finding\na successor to the throne turned out to be more trouble than anyone could have\nimagined..."
|
|
257
309
|
#
|
|
258
310
|
# word_wrap('Once upon a time', line_width: 8)
|
|
259
|
-
# # => Once\nupon a\ntime
|
|
311
|
+
# # => "Once\nupon a\ntime"
|
|
260
312
|
#
|
|
261
313
|
# word_wrap('Once upon a time', line_width: 1)
|
|
262
|
-
# # => Once\nupon\na\ntime
|
|
314
|
+
# # => "Once\nupon\na\ntime"
|
|
263
315
|
#
|
|
264
|
-
#
|
|
316
|
+
# You can also specify a custom +break_sequence+ ("\n" by default):
|
|
265
317
|
#
|
|
266
318
|
# word_wrap('Once upon a time', line_width: 1, break_sequence: "\r\n")
|
|
267
|
-
# # => Once\r\nupon\r\na\r\ntime
|
|
319
|
+
# # => "Once\r\nupon\r\na\r\ntime"
|
|
268
320
|
def word_wrap(text, line_width: 80, break_sequence: "\n")
|
|
321
|
+
return +"" if text.empty?
|
|
322
|
+
|
|
269
323
|
# Match up to `line_width` characters, followed by one of
|
|
270
324
|
# (1) non-newline whitespace plus an optional newline
|
|
271
325
|
# (2) the end of the string, ignoring any trailing newlines
|
|
@@ -334,7 +388,7 @@ module ActionView
|
|
|
334
388
|
end
|
|
335
389
|
end
|
|
336
390
|
|
|
337
|
-
# Creates a Cycle object whose
|
|
391
|
+
# Creates a Cycle object whose +to_s+ method cycles through elements of an
|
|
338
392
|
# array every time it is called. This can be used for example, to alternate
|
|
339
393
|
# classes for table rows. You can use named cycles to allow nesting in loops.
|
|
340
394
|
# Passing a Hash as the last parameter with a <tt>:name</tt> key will create a
|
|
@@ -343,8 +397,8 @@ module ActionView
|
|
|
343
397
|
# and passing the name of the cycle. The current cycle string can be obtained
|
|
344
398
|
# anytime using the current_cycle method.
|
|
345
399
|
#
|
|
346
|
-
#
|
|
347
|
-
# @items = [1,2,3,4]
|
|
400
|
+
# <%# Alternate CSS classes for even and odd numbers... %>
|
|
401
|
+
# <% @items = [1,2,3,4] %>
|
|
348
402
|
# <table>
|
|
349
403
|
# <% @items.each do |item| %>
|
|
350
404
|
# <tr class="<%= cycle("odd", "even") -%>">
|
|
@@ -354,10 +408,12 @@ module ActionView
|
|
|
354
408
|
# </table>
|
|
355
409
|
#
|
|
356
410
|
#
|
|
357
|
-
#
|
|
358
|
-
# @items =
|
|
359
|
-
#
|
|
360
|
-
#
|
|
411
|
+
# <%# Cycle CSS classes for rows, and text colors for values within each row %>
|
|
412
|
+
# <% @items = [
|
|
413
|
+
# { first: "Robert", middle: "Daniel", last: "James" },
|
|
414
|
+
# { first: "Emily", middle: "Shannon", maiden: "Pike", last: "Hicks" },
|
|
415
|
+
# { first: "June", middle: "Dae", last: "Jones" },
|
|
416
|
+
# ] %>
|
|
361
417
|
# <% @items.each do |item| %>
|
|
362
418
|
# <tr class="<%= cycle("odd", "even", name: "row_class") -%>">
|
|
363
419
|
# <td>
|
|
@@ -388,8 +444,8 @@ module ActionView
|
|
|
388
444
|
# for complex table highlighting or any other design need which requires
|
|
389
445
|
# the current cycle string in more than one place.
|
|
390
446
|
#
|
|
391
|
-
#
|
|
392
|
-
# @items = [1,2,3,4]
|
|
447
|
+
# <%# Alternate background colors %>
|
|
448
|
+
# <% @items = [1,2,3,4] %>
|
|
393
449
|
# <% @items.each do |item| %>
|
|
394
450
|
# <div style="background-color:<%= cycle("red","white","blue") %>">
|
|
395
451
|
# <span style="background-color:<%= current_cycle %>"><%= item %></span>
|
|
@@ -403,8 +459,8 @@ module ActionView
|
|
|
403
459
|
# Resets a cycle so that it starts from the first element the next time
|
|
404
460
|
# it is called. Pass in +name+ to reset a named cycle.
|
|
405
461
|
#
|
|
406
|
-
#
|
|
407
|
-
# @items = [[1,2,3,4], [5,6,3], [3,4,5,6,7,4]]
|
|
462
|
+
# <%# Alternate CSS classes for even and odd numbers... %>
|
|
463
|
+
# <% @items = [[1,2,3,4], [5,6,3], [3,4,5,6,7,4]] %>
|
|
408
464
|
# <table>
|
|
409
465
|
# <% @items.each do |item| %>
|
|
410
466
|
# <tr class="<%= cycle("even", "odd") -%>">
|
|
@@ -561,6 +561,8 @@ module ActionView
|
|
|
561
561
|
content_tag("a", name || email_address, html_options, &block)
|
|
562
562
|
end
|
|
563
563
|
|
|
564
|
+
RFC2396_PARSER = defined?(URI::RFC2396_PARSER) ? URI::RFC2396_PARSER : URI::RFC2396_Parser.new
|
|
565
|
+
|
|
564
566
|
# True if the current request URI was generated by the given +options+.
|
|
565
567
|
#
|
|
566
568
|
# ==== Examples
|
|
@@ -617,14 +619,14 @@ module ActionView
|
|
|
617
619
|
|
|
618
620
|
options ||= options_as_kwargs
|
|
619
621
|
check_parameters ||= options.is_a?(Hash) && options.delete(:check_parameters)
|
|
620
|
-
url_string =
|
|
622
|
+
url_string = RFC2396_PARSER.unescape(url_for(options)).force_encoding(Encoding::BINARY)
|
|
621
623
|
|
|
622
624
|
# We ignore any extra parameters in the request_uri if the
|
|
623
625
|
# submitted URL doesn't have any either. This lets the function
|
|
624
626
|
# work with things like ?order=asc
|
|
625
627
|
# the behavior can be disabled with check_parameters: true
|
|
626
628
|
request_uri = url_string.index("?") || check_parameters ? request.fullpath : request.path
|
|
627
|
-
request_uri =
|
|
629
|
+
request_uri = RFC2396_PARSER.unescape(request_uri).force_encoding(Encoding::BINARY)
|
|
628
630
|
|
|
629
631
|
if %r{^\w+://}.match?(url_string)
|
|
630
632
|
request_uri = +"#{request.protocol}#{request.host_with_port}#{request_uri}"
|
|
@@ -784,7 +786,7 @@ module ActionView
|
|
|
784
786
|
end
|
|
785
787
|
|
|
786
788
|
def add_method_to_attributes!(html_options, method)
|
|
787
|
-
if method_not_get_method?(method) && !html_options["rel"]
|
|
789
|
+
if method_not_get_method?(method) && !html_options["rel"].to_s.include?("nofollow")
|
|
788
790
|
if html_options["rel"].blank?
|
|
789
791
|
html_options["rel"] = "nofollow"
|
|
790
792
|
else
|
data/lib/action_view/layouts.rb
CHANGED
|
@@ -152,7 +152,7 @@ module ActionView
|
|
|
152
152
|
# The template will be looked always in <tt>app/views/layouts/</tt> folder. But you can point
|
|
153
153
|
# <tt>layouts</tt> folder direct also. <tt>layout "layouts/demo"</tt> is the same as <tt>layout "demo"</tt>.
|
|
154
154
|
#
|
|
155
|
-
# Setting the layout to +nil+ forces it to be looked up in the filesystem and
|
|
155
|
+
# Setting the layout to +nil+ forces it to be looked up in the filesystem and falls back to the parent behavior if none exists.
|
|
156
156
|
# Setting it to +nil+ is useful to re-enable template lookup overriding a previous configuration set in the parent:
|
|
157
157
|
#
|
|
158
158
|
# class ApplicationController < ActionController::Base
|
|
@@ -164,7 +164,7 @@ module ActionView
|
|
|
164
164
|
# end
|
|
165
165
|
#
|
|
166
166
|
# class CommentsController < ApplicationController
|
|
167
|
-
# # Will search for "comments" layout and
|
|
167
|
+
# # Will search for "comments" layout and fall back to "application" layout
|
|
168
168
|
# layout nil
|
|
169
169
|
# end
|
|
170
170
|
#
|
data/lib/action_view/template.rb
CHANGED
|
@@ -258,7 +258,8 @@ module ActionView
|
|
|
258
258
|
view._run(method_name, self, locals, buffer, add_to_stack: add_to_stack, has_strict_locals: strict_locals?, &block)
|
|
259
259
|
nil
|
|
260
260
|
else
|
|
261
|
-
view._run(method_name, self, locals, OutputBuffer.new, add_to_stack: add_to_stack, has_strict_locals: strict_locals?, &block)
|
|
261
|
+
result = view._run(method_name, self, locals, OutputBuffer.new, add_to_stack: add_to_stack, has_strict_locals: strict_locals?, &block)
|
|
262
|
+
result.is_a?(OutputBuffer) ? result.to_s : result
|
|
262
263
|
end
|
|
263
264
|
end
|
|
264
265
|
rescue => e
|
|
@@ -423,9 +424,13 @@ module ActionView
|
|
|
423
424
|
|
|
424
425
|
method_arguments =
|
|
425
426
|
if set_strict_locals
|
|
426
|
-
|
|
427
|
+
if set_strict_locals.include?("&")
|
|
428
|
+
"output_buffer, #{set_strict_locals}"
|
|
429
|
+
else
|
|
430
|
+
"output_buffer, #{set_strict_locals}, &_"
|
|
431
|
+
end
|
|
427
432
|
else
|
|
428
|
-
"local_assigns, output_buffer"
|
|
433
|
+
"local_assigns, output_buffer, &_"
|
|
429
434
|
end
|
|
430
435
|
|
|
431
436
|
# Make sure that the resulting String to be eval'd is in the
|
|
@@ -490,6 +495,8 @@ module ActionView
|
|
|
490
495
|
![:keyreq, :key, :keyrest, :nokey].include?(parameter[0])
|
|
491
496
|
end
|
|
492
497
|
|
|
498
|
+
non_kwarg_parameters.pop if non_kwarg_parameters.last == %i(block _)
|
|
499
|
+
|
|
493
500
|
unless non_kwarg_parameters.empty?
|
|
494
501
|
mod.undef_method(method_name)
|
|
495
502
|
|
|
@@ -501,7 +508,7 @@ module ActionView
|
|
|
501
508
|
end
|
|
502
509
|
|
|
503
510
|
unless parameters.any? { |type, _| type == :keyrest }
|
|
504
|
-
parameters.map!(&:
|
|
511
|
+
parameters.map!(&:last)
|
|
505
512
|
parameters.sort!
|
|
506
513
|
@strict_local_keys = parameters.freeze
|
|
507
514
|
end
|
|
@@ -60,7 +60,7 @@ module ActionView
|
|
|
60
60
|
include ActiveSupport::Testing::ConstantLookup
|
|
61
61
|
|
|
62
62
|
delegate :lookup_context, to: :controller
|
|
63
|
-
attr_accessor :controller, :request, :output_buffer
|
|
63
|
+
attr_accessor :controller, :request, :output_buffer, :rendered
|
|
64
64
|
|
|
65
65
|
module ClassMethods
|
|
66
66
|
def inherited(descendant) # :nodoc:
|
|
@@ -198,7 +198,7 @@ module ActionView
|
|
|
198
198
|
end
|
|
199
199
|
|
|
200
200
|
included do
|
|
201
|
-
class_attribute :content_class, instance_accessor: false, default:
|
|
201
|
+
class_attribute :content_class, instance_accessor: false, default: RenderedViewContent
|
|
202
202
|
|
|
203
203
|
setup :setup_with_controller
|
|
204
204
|
|
|
@@ -224,7 +224,7 @@ module ActionView
|
|
|
224
224
|
@request = @controller.request
|
|
225
225
|
@view_flow = ActionView::OutputFlow.new
|
|
226
226
|
@output_buffer = ActionView::OutputBuffer.new
|
|
227
|
-
@rendered = +""
|
|
227
|
+
@rendered = self.class.content_class.new(+"")
|
|
228
228
|
|
|
229
229
|
test_case_instance = self
|
|
230
230
|
controller_class.define_method(:_test_case) { test_case_instance }
|
|
@@ -244,6 +244,9 @@ module ActionView
|
|
|
244
244
|
@_rendered_views ||= RenderedViewsCollection.new
|
|
245
245
|
end
|
|
246
246
|
|
|
247
|
+
##
|
|
248
|
+
# :method: rendered
|
|
249
|
+
#
|
|
247
250
|
# Returns the content rendered by the last +render+ call.
|
|
248
251
|
#
|
|
249
252
|
# The returned object behaves like a string but also exposes a number of methods
|
|
@@ -291,15 +294,12 @@ module ActionView
|
|
|
291
294
|
#
|
|
292
295
|
# assert_pattern { rendered.json => { title: "Hello, world" } }
|
|
293
296
|
# end
|
|
294
|
-
def rendered
|
|
295
|
-
@_rendered ||= self.class.content_class.new(@rendered)
|
|
296
|
-
end
|
|
297
297
|
|
|
298
298
|
def _routes
|
|
299
299
|
@controller._routes if @controller.respond_to?(:_routes)
|
|
300
300
|
end
|
|
301
301
|
|
|
302
|
-
class
|
|
302
|
+
class RenderedViewContent < String # :nodoc:
|
|
303
303
|
end
|
|
304
304
|
|
|
305
305
|
# Need to experiment if this priority is the best one: rendered => output_buffer
|
|
@@ -26,15 +26,15 @@ module ActionView
|
|
|
26
26
|
# while holding the lock.
|
|
27
27
|
template = (@templates[normalized_locals] ||= build_template(normalized_locals))
|
|
28
28
|
|
|
29
|
-
# This may have already been assigned, but we've already de-dup'd so
|
|
30
|
-
# reassignment is fine.
|
|
31
|
-
@templates[locals.dup] = template
|
|
32
|
-
|
|
33
29
|
if template.strict_locals?
|
|
34
30
|
# Under strict locals, we only need one template.
|
|
35
31
|
# This replaces the @templates Concurrent::Map with a hash which
|
|
36
32
|
# returns this template for every key.
|
|
37
33
|
@templates = Hash.new(template).freeze
|
|
34
|
+
else
|
|
35
|
+
# This may have already been assigned, but we've already de-dup'd so
|
|
36
|
+
# reassignment is fine.
|
|
37
|
+
@templates[locals.dup] = template
|
|
38
38
|
end
|
|
39
39
|
end
|
|
40
40
|
end
|
data/lib/action_view.rb
CHANGED