RubyGems - brakeman - Versions diffs - 0.4.0 → 0.4.1 - Mend

brakeman 0.4.0 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

data/lib/scanner.rb CHANGED Viewed

@@ -214,16 +214,28 @@ end
 #This is from Rails 3 version of the Erubis handler
 class RailsXSSErubis < ::Erubis::Eruby
-  include Erubis::NoTextEnhancer
-  #Initializes output buffer.
   def add_preamble(src)
     # src << "_buf = ActionView::SafeBuffer.new;\n"
   end
-  #This does nothing.
   def add_text(src, text)
-    # src << "@output_buffer << ('" << escape_text(text) << "'.html_safe!);"
+    if text.include? "\n"
+      lines = text.split("\n")
+      if text.match /\n\z/
+        lines.each do |line|
+          src << "@output_buffer << ('" << escape_text(line) << "'.html_safe!);\n"
+        end
+      else
+        lines[0..-2].each do |line|
+          src << "@output_buffer << ('" << escape_text(line) << "'.html_safe!);\n"
+        end
+        src << "@output_buffer << ('" << escape_text(lines.last) << "'.html_safe!);"
+      end
+    else
+      src << "@output_buffer << ('" << escape_text(text) << "'.html_safe!);"
+    end
   end
   BLOCK_EXPR = /\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/

data/lib/version.rb CHANGED Viewed

	@@ -1 +1 @@
1	- Version = "0.4.0"
1	+ Version = "0.4.1"

metadata CHANGED Viewed

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments:
   - 0
   - 4
-  - 0
-  version: 0.4.0
+  - 1
+  version: 0.4.1
 platform: ruby
 authors:
 - Justin Collins
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-05-18 00:00:00 -07:00
+date: 2011-05-23 00:00:00 -07:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency