activesupport 2.3.6 → 2.3.7
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of activesupport might be problematic. Click here for more details.
- data/CHANGELOG +5 -0
- data/lib/active_support/core_ext/string/output_safety.rb +2 -50
- data/lib/active_support/version.rb +1 -1
- metadata +3 -3
data/CHANGELOG
CHANGED
|
@@ -1,22 +1,6 @@
|
|
|
1
1
|
require 'erb'
|
|
2
2
|
|
|
3
3
|
class ERB
|
|
4
|
-
undef :set_eoutvar
|
|
5
|
-
def set_eoutvar(compiler, eoutvar = '_erbout')
|
|
6
|
-
compiler.put_cmd = "#{eoutvar}.safe_concat"
|
|
7
|
-
compiler.insert_cmd = "#{eoutvar}.safe_concat"
|
|
8
|
-
|
|
9
|
-
cmd = []
|
|
10
|
-
cmd.push "#{eoutvar} = ActiveSupport::SafeBuffer.new"
|
|
11
|
-
|
|
12
|
-
compiler.pre_cmd = cmd
|
|
13
|
-
|
|
14
|
-
cmd = []
|
|
15
|
-
cmd.push(eoutvar)
|
|
16
|
-
|
|
17
|
-
compiler.post_cmd = cmd
|
|
18
|
-
end
|
|
19
|
-
|
|
20
4
|
module Util
|
|
21
5
|
HTML_ESCAPE = { '&' => '&', '>' => '>', '<' => '<', '"' => '"' }
|
|
22
6
|
JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' }
|
|
@@ -112,7 +96,7 @@ module ActiveSupport #:nodoc:
|
|
|
112
96
|
end
|
|
113
97
|
|
|
114
98
|
class String
|
|
115
|
-
|
|
99
|
+
alias safe_concat concat
|
|
116
100
|
|
|
117
101
|
def as_str
|
|
118
102
|
self
|
|
@@ -123,38 +107,6 @@ class String
|
|
|
123
107
|
end
|
|
124
108
|
|
|
125
109
|
def html_safe?
|
|
126
|
-
|
|
127
|
-
end
|
|
128
|
-
|
|
129
|
-
def html_safe!
|
|
130
|
-
ActiveSupport::Deprecation.warn("Use html_safe with your strings instead of html_safe! See http://yehudakatz.com/2010/02/01/safebuffers-and-rails-3-0/ for the full story.", caller)
|
|
131
|
-
@_rails_html_safe = true
|
|
132
|
-
self
|
|
133
|
-
end
|
|
134
|
-
|
|
135
|
-
def add_with_safety(other)
|
|
136
|
-
result = add_without_safety(other)
|
|
137
|
-
if html_safe? && also_html_safe?(other)
|
|
138
|
-
result.html_safe!
|
|
139
|
-
else
|
|
140
|
-
result
|
|
141
|
-
end
|
|
142
|
-
end
|
|
143
|
-
alias_method :+, :add_with_safety
|
|
144
|
-
|
|
145
|
-
def concat_with_safety(other_or_fixnum)
|
|
146
|
-
result = concat_without_safety(other_or_fixnum)
|
|
147
|
-
unless html_safe? && also_html_safe?(other_or_fixnum)
|
|
148
|
-
remove_instance_variable(:@_rails_html_safe) if defined?(@_rails_html_safe)
|
|
149
|
-
end
|
|
150
|
-
result
|
|
110
|
+
false
|
|
151
111
|
end
|
|
152
|
-
alias_method_chain :concat, :safety
|
|
153
|
-
undef_method :<<
|
|
154
|
-
alias_method :<<, :concat_with_safety
|
|
155
|
-
|
|
156
|
-
private
|
|
157
|
-
def also_html_safe?(other)
|
|
158
|
-
other.respond_to?(:html_safe?) && other.html_safe?
|
|
159
|
-
end
|
|
160
112
|
end
|
metadata
CHANGED
|
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
|
|
|
5
5
|
segments:
|
|
6
6
|
- 2
|
|
7
7
|
- 3
|
|
8
|
-
-
|
|
9
|
-
version: 2.3.
|
|
8
|
+
- 7
|
|
9
|
+
version: 2.3.7
|
|
10
10
|
platform: ruby
|
|
11
11
|
authors:
|
|
12
12
|
- David Heinemeier Hansson
|
|
@@ -14,7 +14,7 @@ autorequire:
|
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
16
|
|
|
17
|
-
date: 2010-05-
|
|
17
|
+
date: 2010-05-24 00:00:00 -07:00
|
|
18
18
|
default_executable:
|
|
19
19
|
dependencies: []
|
|
20
20
|
|