activesupport 3.0.17 → 3.0.18

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of activesupport might be problematic. Click here for more details.

Files changed (4) hide show
  1. data/CHANGELOG +3 -1
  2. data/lib/active_support/core_ext/string/output_safety.rb +26 -15
  3. data/lib/active_support/version.rb +1 -1
  4. metadata +3 -3
data/CHANGELOG CHANGED
@@ -1,6 +1,8 @@
1
+ ## Rails 3.0.18
2
+
1
3
  ## Rails 3.0.17 (Aug 9, 2012)
2
4
 
3
- * No changes.
5
+ * ERB::Util.html_escape now escapes single quotes. [Santiago Pastorino]
4
6
 
5
7
  ## Rails 3.0.16 (Jul 26, 2012)
6
8
 
data/lib/active_support/core_ext/string/output_safety.rb CHANGED
@@ -6,21 +6,32 @@ class ERB
6
6
  HTML_ESCAPE = { '&' => '&amp;', '>' => '&gt;', '<' => '&lt;', '"' => '&quot;', "'" => '&#x27;' }
7
7
  JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' }
8
8
 
9
- # A utility method for escaping HTML tag characters.
10
- # This method is also aliased as <tt>h</tt>.
11
- #
12
- # In your ERB templates, use this method to escape any unsafe content. For example:
13
- # <%=h @person.name %>
14
- #
15
- # ==== Example:
16
- # puts html_escape("is a > 0 & a < 10?")
17
- # # => is a &gt; 0 &amp; a &lt; 10?
18
- def html_escape(s)
19
- s = s.to_s
20
- if s.html_safe?
21
- s
22
- else
23
- s.gsub(/[&"'><]/n) { |special| HTML_ESCAPE[special] }.html_safe
9
+ if RUBY_VERSION >= '1.9'
10
+ # A utility method for escaping HTML tag characters.
11
+ # This method is also aliased as <tt>h</tt>.
12
+ #
13
+ # In your ERB templates, use this method to escape any unsafe content. For example:
14
+ # <%=h @person.name %>
15
+ #
16
+ # ==== Example:
17
+ # puts html_escape("is a > 0 & a < 10?")
18
+ # # => is a &gt; 0 &amp; a &lt; 10?
19
+ def html_escape(s)
20
+ s = s.to_s
21
+ if s.html_safe?
22
+ s
23
+ else
24
+ s.gsub(/[&"'><]/, HTML_ESCAPE).html_safe
25
+ end
26
+ end
27
+ else
28
+ def html_escape(s) #:nodoc:
29
+ s = s.to_s
30
+ if s.html_safe?
31
+ s
32
+ else
33
+ s.gsub(/[&"'><]/n) { |special| HTML_ESCAPE[special] }.html_safe
34
+ end
24
35
  end
25
36
  end
26
37
 
data/lib/active_support/version.rb CHANGED
@@ -2,7 +2,7 @@ module ActiveSupport
2
2
  module VERSION #:nodoc:
3
3
  MAJOR = 3
4
4
  MINOR = 0
5
- TINY = 17
5
+ TINY = 18
6
6
  PRE = nil
7
7
 
8
8
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: activesupport
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.17
4
+ version: 3.0.18
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-08-09 00:00:00.000000000 Z
12
+ date: 2012-12-23 00:00:00.000000000 Z
13
13
  dependencies: []
14
14
  description: A toolkit of support libraries and Ruby core extensions extracted from
15
15
  the Rails framework. Rich support for multibyte strings, internationalization, time
@@ -248,7 +248,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
248
248
  version: '0'
249
249
  segments:
250
250
  - 0
251
- hash: -2545111425282888453
251
+ hash: -2978729202858728316
252
252
  requirements: []
253
253
  rubyforge_project: activesupport
254
254
  rubygems_version: 1.8.24