contextual 0.0.1-java → 0.0.2-java

data/README.md

@@ -43,3 +43,6 @@ The safe parts are treated as literal chunks of HTML/CSS/JS, the query string pa
 
 Contextual will also automatically strip variety of injection cases for JS, CSS, and HTML, and give you a [dozen other features](https://github.com/mikesamuel/html-contextual-autoescaper-java/tree/master/src/tests/com/google/autoesc) for free.
 
+### License
+
+(MIT License) - Copyright (c) 2012 Ilya Grigorik

data/contextual.gemspec

@@ -16,6 +16,9 @@ Gem::Specification.new do |s|
 
   s.add_development_dependency "rspec"
 
+  # Only required to test rails integration
+  s.add_development_dependency 'rails'
+
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }

data/lib/contextual.rb

@@ -1,3 +1,4 @@
 require "contextual/version"
 require "contextual/contextual"
-require "contextual/rails_erubis" if defined? Rails
+
+require "contextual/rails" if defined? Rails

data/lib/contextual/contextual.rb

@@ -52,7 +52,7 @@ module Erubis
     end
 
     def writeSafe(code)
-      @buf.writeSafe(code)
+      @buf.writeSafe(code.to_s)
     end
     alias :writeSafe= :writeSafe
     alias :append= :writeSafe

data/lib/contextual/rails.rb

@@ -0,0 +1,10 @@
+require 'contextual/safe_erubis'
+
+ActiveSupport.on_load(:action_view) do
+  ActionView::Template::Handlers::SafeErubis = Contextual::SafeErubis
+  ActionView::Template::Handlers::ERB.erb_implementation = Contextual::SafeErubis
+
+  # Make sure ActionView::OutputBuffer is loaded before we override it
+  require 'action_view/buffers'
+  ActionView::OutputBuffer = ::Erubis::ContextualBuffer
+end

data/lib/contextual/safe_erubis.rb

@@ -0,0 +1,44 @@
+module Contextual
+  class SafeErubis < ::Erubis::Eruby
+    BLOCK_EXPR = /\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/
+
+      def add_preamble(src)
+        src << "@output_buffer = output_buffer || Erubis::ContextualBuffer.new; "
+      end
+
+    def add_text(src, text)
+      if !text.empty?
+        src << "@output_buffer.concat('" << text.to_s.gsub("'", "\\\\'") << "');"
+      end
+    end
+
+    def add_expr_literal(src, code)
+      if code =~ BLOCK_EXPR
+        src << '@output_buffer.append= ' << code
+      else
+        src << <<-SRC
+              val = (#{code.to_s});
+              if (val.html_safe?);
+                @output_buffer.append=(val);
+              else;
+                @output_buffer.safe_append=(val);
+              end;
+        SRC
+      end
+    end
+
+    def add_expr_escaped(src, code)
+      if code =~ BLOCK_EXPR
+        src << "@output_buffer.append= " << code
+      else
+        src << "@output_buffer.append(" << code << ");"
+      end
+    end
+
+    def add_postamble(src)
+      src << "@output_buffer.close \n"
+      # src << "p [:CONTEXTUAL,@output_buffer, @output_buffer.to_s, @output_buffer.to_s.html_safe.html_safe?]\n"
+      src << "@output_buffer.to_s.html_safe"
+    end
+  end
+end

data/lib/contextual/version.rb

@@ -1,3 +1,3 @@
 module Contextual
-  VERSION = "0.0.1"
+  VERSION = "0.0.2"
 end

data/spec/contextual_spec.rb

@@ -67,4 +67,13 @@ describe Contextual do
     res.should == exp
   end
 
+  it "should render fixnums" do
+    template = Erubis::ContextualEruby.new <<-TEMPLATE
+    Number: <%= 42 %>
+    TEMPLATE
+
+    result = template.result(binding)
+
+    result.should =~ /Number: 42/
+  end
 end

data/spec/rails_spec.rb

@@ -0,0 +1,21 @@
+require 'rails'
+
+require 'contextual'
+
+# make sure railtie is loaded in case some other
+# test task required contextual before rails was loaded
+require 'contextual/rails'
+
+# Force the load hooks to be run for action_view
+require 'action_view'
+require 'action_view/base'
+
+describe "Contextual load hooks" do
+  it "should add SafeErubis as template handler" do
+    ActionView::Template::Handlers::SafeErubis.should == Contextual::SafeErubis
+  end
+
+  it "should be able to load action_view/buffers alright" do
+    require 'action_view/buffers'
+  end
+end

data/spec/safe_erubis_spec.rb

@@ -0,0 +1,19 @@
+require 'contextual/safe_erubis'
+
+describe Contextual do
+  it 'should allow fixnums' do
+    template = Contextual::SafeErubis.new <<-TEMPLATE
+    Number: <%= 42 %>
+    TEMPLATE
+
+    result = template.result(binding)
+
+    result.should =~ /Number:\s*42/
+  end
+
+  private
+
+  def output_buffer
+    ::Erubis::ContextualBuffer.new
+  end
+end

metadata

@@ -1,71 +1,93 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification 
 name: contextual
-version: !ruby/object:Gem::Version
-  version: 0.0.1
+version: !ruby/object:Gem::Version 
   prerelease: 
+  version: 0.0.2
 platform: java
-authors:
-- Ilya Grigorik
+authors: 
+  - Ilya Grigorik
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-03-27 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: &2152973440 !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: *2152973440
+
+date: 2012-05-24 00:00:00 Z
+dependencies: 
+  - !ruby/object:Gem::Dependency 
+    name: rspec
+    prerelease: false
+    requirement: &id001 !ruby/object:Gem::Requirement 
+      none: false
+      requirements: 
+        - - ">="
+          - !ruby/object:Gem::Version 
+            version: "0"
+    type: :development
+    version_requirements: *id001
+  - !ruby/object:Gem::Dependency 
+    name: rails
+    prerelease: false
+    requirement: &id002 !ruby/object:Gem::Requirement 
+      none: false
+      requirements: 
+        - - ">="
+          - !ruby/object:Gem::Version 
+            version: "0"
+    type: :development
+    version_requirements: *id002
 description: Runtime contextual autoescaper
-email:
-- ilya@igvita.com
+email: 
+  - ilya@igvita.com
 executables: []
+
 extensions: []
+
 extra_rdoc_files: []
-files:
-- .gitignore
-- .rspec
-- Gemfile
-- README.md
-- Rakefile
-- contextual.gemspec
-- lib/contextual.rb
-- lib/contextual/contextual.rb
-- lib/contextual/rails_erubis.rb
-- lib/contextual/version.rb
-- lib/ext/autoesc.jar
-- lib/ext/guava.jar
-- spec/contextual_spec.rb
+
+files: 
+  - .gitignore
+  - .rspec
+  - Gemfile
+  - README.md
+  - Rakefile
+  - contextual.gemspec
+  - lib/contextual.rb
+  - lib/contextual/contextual.rb
+  - lib/contextual/rails.rb
+  - lib/contextual/safe_erubis.rb
+  - lib/contextual/version.rb
+  - lib/ext/autoesc.jar
+  - lib/ext/guava.jar
+  - spec/contextual_spec.rb
+  - spec/rails_spec.rb
+  - spec/safe_erubis_spec.rb
 homepage: https://github.com/igrigorik/contextual
 licenses: []
+
 post_install_message: 
 rdoc_options: []
-require_paths:
-- lib
-required_ruby_version: !ruby/object:Gem::Requirement
+
+require_paths: 
+  - lib
+required_ruby_version: !ruby/object:Gem::Requirement 
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
-required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
+  requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
 requirements: []
+
 rubyforge_project: contextual
-rubygems_version: 1.8.10
+rubygems_version: 1.8.15
 signing_key: 
 specification_version: 3
 summary: Runtime contextual autoescaper
-test_files:
-- spec/contextual_spec.rb
-has_rdoc: 
+test_files: 
+  - spec/contextual_spec.rb
+  - spec/rails_spec.rb
+  - spec/safe_erubis_spec.rb

data/lib/contextual/rails_erubis.rb

@@ -1,94 +0,0 @@
-module ActionView
-  class Template
-    module Handlers
-
-      # class Erubis < ::Erubis::Eruby
-      #   def add_preamble(src)
-      #     src << "@output_buffer = output_buffer || ActionView::OutputBuffer.new;"
-      #   end
-      #
-      #   def add_text(src, text)
-      #     return if text.empty?
-      #     p [:add_text, :safe_concat, text]
-      #     src << "@output_buffer.safe_concat('" << escape_text(text) << "');"
-      #   end
-      #
-      #   BLOCK_EXPR = /\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/
-      #
-      #   def add_expr_literal(src, code)
-      #     if code =~ BLOCK_EXPR
-      #       p [:add_expr_literal, :block_append=, code]
-      #
-      #       src << '@output_buffer.append= ' << code
-      #     else
-      #       p [:add_expr_literal, :append=, code]
-      #
-      #       src << '@output_buffer.append= (' << code << ');'
-      #     end
-      #   end
-      #
-      #   def add_expr_escaped(src, code)
-      #     if code =~ BLOCK_EXPR
-      #       p [:add_expr_escaped, :safe_append=, code]
-      #
-      #       src << "@output_buffer.safe_append= " << code
-      #     else
-      #       p [:add_expr_escaped, :safe_concat, code]
-      #       src << "@output_buffer.safe_concat((" << code << ").to_s);"
-      #     end
-      #   end
-      #
-      #   def add_postamble(src)
-      #     src << '@output_buffer.to_s'
-      #   end
-      # end
-
-      class SafeErubis < ::Erubis::Eruby
-        BLOCK_EXPR = /\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/
-
-        def add_preamble(src)
-          src << "@output_buffer = output_buffer || Erubis::ContextualBuffer.new; "
-        end
-
-        def add_text(src, text)
-          if !text.empty?
-            src << "@output_buffer.concat('" << text.to_s.gsub("'", "\\\\'") << "');"
-          end
-        end
-
-        def add_expr_literal(src, code)
-          if code =~ BLOCK_EXPR
-            src << '@output_buffer.append= ' << code
-          else
-            src << <<-SRC
-              val = (#{code.to_s});
-              if (val.html_safe?);
-                @output_buffer.append=(val);
-              else;
-                @output_buffer.safe_append=(val);
-              end;
-            SRC
-          end
-        end
-
-        def add_expr_escaped(src, code)
-          if code =~ BLOCK_EXPR
-            src << "@output_buffer.append= " << code
-          else
-            src << "@output_buffer.append(" << code << ");"
-          end
-        end
-
-        def add_postamble(src)
-          src << "@output_buffer.close \n"
-          # src << "p [:CONTEXTUAL,@output_buffer, @output_buffer.to_s, @output_buffer.to_s.html_safe.html_safe?]\n"
-          src << "@output_buffer.to_s.html_safe"
-        end
-      end
-
-      ERB.erb_implementation = SafeErubis
-      ActionView::OutputBuffer = ::Erubis::ContextualBuffer
-
-    end
-  end
-end