contextual 0.0.1-java → 0.0.2-java

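--- a/data/README.md
+++ b/data/README.md
@@ -43,3 +43,6 @@ The safe parts are treated as literal chunks of HTML/CSS/JS, the query string pa
 
 Contextual will also automatically strip variety of injection cases for JS, CSS, and HTML, and give you a [dozen other features](https://github.com/mikesamuel/html-contextual-autoescaper-java/tree/master/src/tests/com/google/autoesc) for free.
 
+### License
+
+(MIT License) - Copyright (c) 2012 Ilya Grigorik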
@@ -16,6 +16,9 @@ Gem::Specification.new do |s|
16
16
 
17
17
  s.add_development_dependency "rspec"
18
18
 
19
+ # Only required to test rails integration
20
+ s.add_development_dependency 'rails'
21
+
19
22
  s.files = `git ls-files`.split("\n")
20
23
  s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
21
24
  s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
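Review bot: `s.add_development_dependency 'rails'` carries no version constraint (the built metadata records `>= 0`), while the integration it exists to test reassigns `ActionView::OutputBuffer` and `ERB.erb_implementation`, which are Rails internals that can change between releases. Constraining it to the Rails series the integration was written against, in the form `s.add_development_dependency 'rails', '~> <tested series>'`, keeps the specs reproducible and makes an incompatible Rails upgrade a deliberate change. The Gem::Specification block continues outside the hunk.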
@@ -1,3 +1,4 @@
1
1
  require "contextual/version"
2
2
  require "contextual/contextual"
3
- require "contextual/rails_erubis" if defined? Rails
3
+
4
+ require "contextual/rails" if defined? Rails
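Review bot: `require "contextual/rails" if defined? Rails` is evaluated once at load time, so an application that loads this gem before Rails silently gets no integration, and its views keep rendering through the stock handler with no sign that contextual escaping is inactive. The new Rails spec works around this with an explicit `require 'contextual/rails'`. At minimum I would add a comment here such as `# Only takes effect when Rails is already loaded; otherwise require 'contextual/rails' explicitly`. Registering through a Railtie would remove the dependency on require order altogether.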
@@ -52,7 +52,7 @@ module Erubis
52
52
  end
53
53
 
54
54
  def writeSafe(code)
55
- @buf.writeSafe(code)
55
+ @buf.writeSafe(code.to_s)
56
56
  end
57
57
  alias :writeSafe= :writeSafe
58
58
  alias :append= :writeSafe
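Review bot: `writeSafe` hands its argument to the buffer as trusted markup, and with `code.to_s` it now accepts any object, so the result of an arbitrary `to_s` reaches the output through `writeSafe`, `writeSafe=` or `append=` without contextual escaping. That is fine for template literals and values already marked safe, but nothing on the method says so. I would add a comment above it, e.g. `# Emits code.to_s as trusted template text (no escaping); pass only literal or html_safe content`. The enclosing class starts outside this hunk, so how `@buf` treats the value is inferred from the method name.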
@@ -0,0 +1,10 @@
1
+ require 'contextual/safe_erubis'
2
+
3
+ ActiveSupport.on_load(:action_view) do
4
+ ActionView::Template::Handlers::SafeErubis = Contextual::SafeErubis
5
+ ActionView::Template::Handlers::ERB.erb_implementation = Contextual::SafeErubis
6
+
7
+ # Make sure ActionView::OutputBuffer is loaded before we override it
8
+ require 'action_view/buffers'
9
+ ActionView::OutputBuffer = ::Erubis::ContextualBuffer
10
+ end
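Review bot: `ActionView::OutputBuffer = ::Erubis::ContextualBuffer` on line 9 reassigns a constant that the preceding `require 'action_view/buffers'` has just defined, so Ruby prints an "already initialized constant" warning and any code that already holds the original class stays on the stock implementation. Because this swaps the escaping buffer for every template in the process, it should be explicit: call `ActionView.send(:remove_const, :OutputBuffer)` before the assignment and add a comment such as `# Replaces the output buffer for all views; ContextualBuffer must provide the buffer methods Rails helpers call`. Whether ContextualBuffer implements that interface is not visible in this diff.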
@@ -0,0 +1,44 @@
1
+ module Contextual
2
+ class SafeErubis < ::Erubis::Eruby
3
+ BLOCK_EXPR = /\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/
4
+
5
+ def add_preamble(src)
6
+ src << "@output_buffer = output_buffer || Erubis::ContextualBuffer.new; "
7
+ end
8
+
9
+ def add_text(src, text)
10
+ if !text.empty?
11
+ src << "@output_buffer.concat('" << text.to_s.gsub("'", "\\\\'") << "');"
12
+ end
13
+ end
14
+
15
+ def add_expr_literal(src, code)
16
+ if code =~ BLOCK_EXPR
17
+ src << '@output_buffer.append= ' << code
18
+ else
19
+ src << <<-SRC
20
+ val = (#{code.to_s});
21
+ if (val.html_safe?);
22
+ @output_buffer.append=(val);
23
+ else;
24
+ @output_buffer.safe_append=(val);
25
+ end;
26
+ SRC
27
+ end
28
+ end
29
+
30
+ def add_expr_escaped(src, code)
31
+ if code =~ BLOCK_EXPR
32
+ src << "@output_buffer.append= " << code
33
+ else
34
+ src << "@output_buffer.append(" << code << ");"
35
+ end
36
+ end
37
+
38
+ def add_postamble(src)
39
+ src << "@output_buffer.close \n"
40
+ # src << "p [:CONTEXTUAL,@output_buffer, @output_buffer.to_s, @output_buffer.to_s.html_safe.html_safe?]\n"
41
+ src << "@output_buffer.to_s.html_safe"
42
+ end
43
+ end
44
+ end
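Review bot: `add_text` escapes only single quotes when it embeds static template text in a single-quoted Ruby literal, so a backslash in the text is left raw. A backslash directly before a quote, or at the end of a text chunk, changes where the generated literal ends, and the template text that follows is then parsed as Ruby source. Erubis's `escape_text` escapes both characters (the commented-out handler in the removed file used it), so the line could read `src << "@output_buffer.concat('" << escape_text(text) << "');"`. A spec with a template containing a backslash followed by a quote would pin this.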
@@ -1,3 +1,3 @@
1
1
  module Contextual
2
- VERSION = "0.0.1"
2
+ VERSION = "0.0.2"
3
3
  end
@@ -67,4 +67,13 @@ describe Contextual do
67
67
  res.should == exp
68
68
  end
69
69
 
70
+ it "should render fixnums" do
71
+ template = Erubis::ContextualEruby.new <<-TEMPLATE
72
+ Number: <%= 42 %>
73
+ TEMPLATE
74
+
75
+ result = template.result(binding)
76
+
77
+ result.should =~ /Number: 42/
78
+ end
70
79
  end
@@ -0,0 +1,21 @@
1
+ require 'rails'
2
+
3
+ require 'contextual'
4
+
5
+ # make sure railtie is loaded in case some other
6
+ # test task required contextual before rails was loaded
7
+ require 'contextual/rails'
8
+
9
+ # Force the load hooks to be run for action_view
10
+ require 'action_view'
11
+ require 'action_view/base'
12
+
13
+ describe "Contextual load hooks" do
14
+ it "should add SafeErubis as template handler" do
15
+ ActionView::Template::Handlers::SafeErubis.should == Contextual::SafeErubis
16
+ end
17
+
18
+ it "should be able to load action_view/buffers alright" do
19
+ require 'action_view/buffers'
20
+ end
21
+ end
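Review bot: The second example, "should be able to load action_view/buffers alright", contains no expectation, and neither example checks the two overrides that matter for escaping. I would assert them directly with `ActionView::OutputBuffer.should == ::Erubis::ContextualBuffer` and `ActionView::Template::Handlers::ERB.erb_implementation.should == Contextual::SafeErubis`. A Rails change that restores the stock buffer would then fail the suite instead of passing silently.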
@@ -0,0 +1,19 @@
1
+ require 'contextual/safe_erubis'
2
+
3
+ describe Contextual do
4
+ it 'should allow fixnums' do
5
+ template = Contextual::SafeErubis.new <<-TEMPLATE
6
+ Number: <%= 42 %>
7
+ TEMPLATE
8
+
9
+ result = template.result(binding)
10
+
11
+ result.should =~ /Number:\s*42/
12
+ end
13
+
14
+ private
15
+
16
+ def output_buffer
17
+ ::Erubis::ContextualBuffer.new
18
+ end
19
+ end
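Review bot: The only example renders an integer literal, so the `html_safe?` branch in `add_expr_literal` is never exercised with a string. For an autoescaper the string case is the important one: render a non-`html_safe` string containing markup and expect it escaped, and render an `html_safe` string and expect it unchanged. `html_safe?` presumably comes from ActiveSupport, which this file does not require, so the example may pass only when another spec has loaded Rails first; an explicit require here would remove that ordering dependency.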
metadata CHANGED
@@ -1,71 +1,93 @@
1
- --- !ruby/object:Gem::Specification
1
+ --- !ruby/object:Gem::Specification
2
2
  name: contextual
3
- version: !ruby/object:Gem::Version
4
- version: 0.0.1
3
+ version: !ruby/object:Gem::Version
5
4
  prerelease:
5
+ version: 0.0.2
6
6
  platform: java
7
- authors:
8
- - Ilya Grigorik
7
+ authors:
8
+ - Ilya Grigorik
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-03-27 00:00:00.000000000 Z
13
- dependencies:
14
- - !ruby/object:Gem::Dependency
15
- name: rspec
16
- requirement: &2152973440 !ruby/object:Gem::Requirement
17
- none: false
18
- requirements:
19
- - - ! '>='
20
- - !ruby/object:Gem::Version
21
- version: '0'
22
- type: :development
23
- prerelease: false
24
- version_requirements: *2152973440
12
+
13
+ date: 2012-05-24 00:00:00 Z
14
+ dependencies:
15
+ - !ruby/object:Gem::Dependency
16
+ name: rspec
17
+ prerelease: false
18
+ requirement: &id001 !ruby/object:Gem::Requirement
19
+ none: false
20
+ requirements:
21
+ - - ">="
22
+ - !ruby/object:Gem::Version
23
+ version: "0"
24
+ type: :development
25
+ version_requirements: *id001
26
+ - !ruby/object:Gem::Dependency
27
+ name: rails
28
+ prerelease: false
29
+ requirement: &id002 !ruby/object:Gem::Requirement
30
+ none: false
31
+ requirements:
32
+ - - ">="
33
+ - !ruby/object:Gem::Version
34
+ version: "0"
35
+ type: :development
36
+ version_requirements: *id002
25
37
  description: Runtime contextual autoescaper
26
- email:
27
- - ilya@igvita.com
38
+ email:
39
+ - ilya@igvita.com
28
40
  executables: []
41
+
29
42
  extensions: []
43
+
30
44
  extra_rdoc_files: []
31
- files:
32
- - .gitignore
33
- - .rspec
34
- - Gemfile
35
- - README.md
36
- - Rakefile
37
- - contextual.gemspec
38
- - lib/contextual.rb
39
- - lib/contextual/contextual.rb
40
- - lib/contextual/rails_erubis.rb
41
- - lib/contextual/version.rb
42
- - lib/ext/autoesc.jar
43
- - lib/ext/guava.jar
44
- - spec/contextual_spec.rb
45
+
46
+ files:
47
+ - .gitignore
48
+ - .rspec
49
+ - Gemfile
50
+ - README.md
51
+ - Rakefile
52
+ - contextual.gemspec
53
+ - lib/contextual.rb
54
+ - lib/contextual/contextual.rb
55
+ - lib/contextual/rails.rb
56
+ - lib/contextual/safe_erubis.rb
57
+ - lib/contextual/version.rb
58
+ - lib/ext/autoesc.jar
59
+ - lib/ext/guava.jar
60
+ - spec/contextual_spec.rb
61
+ - spec/rails_spec.rb
62
+ - spec/safe_erubis_spec.rb
45
63
  homepage: https://github.com/igrigorik/contextual
46
64
  licenses: []
65
+
47
66
  post_install_message:
48
67
  rdoc_options: []
49
- require_paths:
50
- - lib
51
- required_ruby_version: !ruby/object:Gem::Requirement
68
+
69
+ require_paths:
70
+ - lib
71
+ required_ruby_version: !ruby/object:Gem::Requirement
52
72
  none: false
53
- requirements:
54
- - - ! '>='
55
- - !ruby/object:Gem::Version
56
- version: '0'
57
- required_rubygems_version: !ruby/object:Gem::Requirement
73
+ requirements:
74
+ - - ">="
75
+ - !ruby/object:Gem::Version
76
+ version: "0"
77
+ required_rubygems_version: !ruby/object:Gem::Requirement
58
78
  none: false
59
- requirements:
60
- - - ! '>='
61
- - !ruby/object:Gem::Version
62
- version: '0'
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: "0"
63
83
  requirements: []
84
+
64
85
  rubyforge_project: contextual
65
- rubygems_version: 1.8.10
86
+ rubygems_version: 1.8.15
66
87
  signing_key:
67
88
  specification_version: 3
68
89
  summary: Runtime contextual autoescaper
69
- test_files:
70
- - spec/contextual_spec.rb
71
- has_rdoc:
90
+ test_files:
91
+ - spec/contextual_spec.rb
92
+ - spec/rails_spec.rb
93
+ - spec/safe_erubis_spec.rb
@@ -1,94 +0,0 @@
1
- module ActionView
2
- class Template
3
- module Handlers
4
-
5
- # class Erubis < ::Erubis::Eruby
6
- # def add_preamble(src)
7
- # src << "@output_buffer = output_buffer || ActionView::OutputBuffer.new;"
8
- # end
9
- #
10
- # def add_text(src, text)
11
- # return if text.empty?
12
- # p [:add_text, :safe_concat, text]
13
- # src << "@output_buffer.safe_concat('" << escape_text(text) << "');"
14
- # end
15
- #
16
- # BLOCK_EXPR = /\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/
17
- #
18
- # def add_expr_literal(src, code)
19
- # if code =~ BLOCK_EXPR
20
- # p [:add_expr_literal, :block_append=, code]
21
- #
22
- # src << '@output_buffer.append= ' << code
23
- # else
24
- # p [:add_expr_literal, :append=, code]
25
- #
26
- # src << '@output_buffer.append= (' << code << ');'
27
- # end
28
- # end
29
- #
30
- # def add_expr_escaped(src, code)
31
- # if code =~ BLOCK_EXPR
32
- # p [:add_expr_escaped, :safe_append=, code]
33
- #
34
- # src << "@output_buffer.safe_append= " << code
35
- # else
36
- # p [:add_expr_escaped, :safe_concat, code]
37
- # src << "@output_buffer.safe_concat((" << code << ").to_s);"
38
- # end
39
- # end
40
- #
41
- # def add_postamble(src)
42
- # src << '@output_buffer.to_s'
43
- # end
44
- # end
45
-
46
- class SafeErubis < ::Erubis::Eruby
47
- BLOCK_EXPR = /\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/
48
-
49
- def add_preamble(src)
50
- src << "@output_buffer = output_buffer || Erubis::ContextualBuffer.new; "
51
- end
52
-
53
- def add_text(src, text)
54
- if !text.empty?
55
- src << "@output_buffer.concat('" << text.to_s.gsub("'", "\\\\'") << "');"
56
- end
57
- end
58
-
59
- def add_expr_literal(src, code)
60
- if code =~ BLOCK_EXPR
61
- src << '@output_buffer.append= ' << code
62
- else
63
- src << <<-SRC
64
- val = (#{code.to_s});
65
- if (val.html_safe?);
66
- @output_buffer.append=(val);
67
- else;
68
- @output_buffer.safe_append=(val);
69
- end;
70
- SRC
71
- end
72
- end
73
-
74
- def add_expr_escaped(src, code)
75
- if code =~ BLOCK_EXPR
76
- src << "@output_buffer.append= " << code
77
- else
78
- src << "@output_buffer.append(" << code << ");"
79
- end
80
- end
81
-
82
- def add_postamble(src)
83
- src << "@output_buffer.close \n"
84
- # src << "p [:CONTEXTUAL,@output_buffer, @output_buffer.to_s, @output_buffer.to_s.html_safe.html_safe?]\n"
85
- src << "@output_buffer.to_s.html_safe"
86
- end
87
- end
88
-
89
- ERB.erb_implementation = SafeErubis
90
- ActionView::OutputBuffer = ::Erubis::ContextualBuffer
91
-
92
- end
93
- end
94
- end