activesupport 3.1.7 → 3.1.8

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of activesupport might be problematic. Click here for more details.

Files changed (4) hide show
  1. data/CHANGELOG.md +4 -0
  2. data/lib/active_support/core_ext/string/output_safety.rb +16 -37
  3. data/lib/active_support/version.rb +1 -1
  4. metadata +6 -3
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## Rails 3.1.8 (Aug 9, 2012)
2
+
3
+ * No changes.
4
+
1
5
  ## Rails 3.1.7 (Jul 26, 2012)
2
6
 
3
7
  * No changes.
data/lib/active_support/core_ext/string/output_safety.rb CHANGED
@@ -3,45 +3,24 @@ require 'active_support/core_ext/kernel/singleton_class'
3
3
 
4
4
  class ERB
5
5
  module Util
6
- HTML_ESCAPE = { '&' => '&amp;', '>' => '&gt;', '<' => '&lt;', '"' => '&quot;' }
6
+ HTML_ESCAPE = { '&' => '&amp;', '>' => '&gt;', '<' => '&lt;', '"' => '&quot;', "'" => '&#x27;' }
7
7
  JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' }
8
8
 
9
- # Detect whether 1.9 can transcode with XML escaping.
10
- if '"&gt;&lt;&amp;&quot;"' == ('><&"'.encode('utf-8', :xml => :attr) rescue false)
11
- # A utility method for escaping HTML tag characters.
12
- # This method is also aliased as <tt>h</tt>.
13
- #
14
- # In your ERB templates, use this method to escape any unsafe content. For example:
15
- # <%=h @person.name %>
16
- #
17
- # ==== Example:
18
- # puts html_escape("is a > 0 & a < 10?")
19
- # # => is a &gt; 0 &amp; a &lt; 10?
20
- def html_escape(s)
21
- s = s.to_s
22
- if s.html_safe?
23
- s
24
- else
25
- s.encode(s.encoding, :xml => :attr)[1...-1].html_safe
26
- end
27
- end
28
- else
29
- # A utility method for escaping HTML tag characters.
30
- # This method is also aliased as <tt>h</tt>.
31
- #
32
- # In your ERB templates, use this method to escape any unsafe content. For example:
33
- # <%=h @person.name %>
34
- #
35
- # ==== Example:
36
- # puts html_escape("is a > 0 & a < 10?")
37
- # # => is a &gt; 0 &amp; a &lt; 10?
38
- def html_escape(s)
39
- s = s.to_s
40
- if s.html_safe?
41
- s
42
- else
43
- s.gsub(/[&"><]/n) { |special| HTML_ESCAPE[special] }.html_safe
44
- end
9
+ # A utility method for escaping HTML tag characters.
10
+ # This method is also aliased as <tt>h</tt>.
11
+ #
12
+ # In your ERB templates, use this method to escape any unsafe content. For example:
13
+ # <%=h @person.name %>
14
+ #
15
+ # ==== Example:
16
+ # puts html_escape("is a > 0 & a < 10?")
17
+ # # => is a &gt; 0 &amp; a &lt; 10?
18
+ def html_escape(s)
19
+ s = s.to_s
20
+ if s.html_safe?
21
+ s
22
+ else
23
+ s.gsub(/[&"'><]/n) { |special| HTML_ESCAPE[special] }.html_safe
45
24
  end
46
25
  end
47
26
 
data/lib/active_support/version.rb CHANGED
@@ -2,7 +2,7 @@ module ActiveSupport
2
2
  module VERSION #:nodoc:
3
3
  MAJOR = 3
4
4
  MINOR = 1
5
- TINY = 7
5
+ TINY = 8
6
6
  PRE = nil
7
7
 
8
8
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: activesupport
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.1.7
4
+ version: 3.1.8
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-07-26 00:00:00.000000000 Z
12
+ date: 2012-08-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: multi_json
@@ -275,9 +275,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
275
275
  - - ! '>='
276
276
  - !ruby/object:Gem::Version
277
277
  version: '0'
278
+ segments:
279
+ - 0
280
+ hash: 1313720041613742728
278
281
  requirements: []
279
282
  rubyforge_project:
280
- rubygems_version: 1.8.23
283
+ rubygems_version: 1.8.24
281
284
  signing_key:
282
285
  specification_version: 3
283
286
  summary: A toolkit of support libraries and Ruby core extensions extracted from the