erubi 1.11.0 → 1.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG +6 -0
- data/README.rdoc +1 -1
- data/lib/erubi.rb +27 -19
- metadata +7 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b0cae36e4fa5e180f0934c68f04a936a6f51df57e8ef1a4436a907ab408a85a7
|
|
4
|
+
data.tar.gz: ceaeb0da7540a786c6e65cf8bb1c72ad60bf7309f0a9f0cdf460c32236d80a2c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3c2a45e5cbd23b6f85257fcb7139e92cd116b0854fb5386b73331b05314aa0020725ac1bd918e4156e253df1cf7f5f58e6db86874f3180dabc5d8e38d1d910d3
|
|
7
|
+
data.tar.gz: 54a5c8d8d72bfcc8344f9f4224d36070d90d61817deaa601f25dfee24edc4b6f408f5a00b09891075959a1a41d6fa67046594c5e5e3b65707e24f737777de716
|
data/CHANGELOG
CHANGED
|
@@ -1,3 +1,9 @@
|
|
|
1
|
+
=== 1.12.0 (2022-12-22)
|
|
2
|
+
|
|
3
|
+
* Use erb/escape for faster html escaping if available (jeremyevans)
|
|
4
|
+
|
|
5
|
+
* Default :freeze_template_literals option to false if running with --enable-frozen-string-literal (casperisfine) (#35)
|
|
6
|
+
|
|
1
7
|
=== 1.11.0 (2022-08-02)
|
|
2
8
|
|
|
3
9
|
* Support :freeze_template_literals option for configuring whether to add .freeze to template literal strings (casperisfine) (#33)
|
data/README.rdoc
CHANGED
|
@@ -9,7 +9,7 @@ the same basic algorithm, with the following differences:
|
|
|
9
9
|
* Automatically freezes strings for template text when ruby optimizes it (on ruby 2.1+)
|
|
10
10
|
* Escapes <tt>'</tt> (apostrophe) when escaping for better XSS protection
|
|
11
11
|
* Has 6x faster escaping on ruby 2.3+ by using cgi/escape
|
|
12
|
-
* Has
|
|
12
|
+
* Has 81% smaller memory footprint (calculated using +ObjectSpace.memsize_of_all+)
|
|
13
13
|
* Does no monkey patching (Erubis adds a method to Kernel)
|
|
14
14
|
* Uses an immutable design (all options passed to the constructor, which returns a frozen object)
|
|
15
15
|
* Has simpler internals (1 file, <150 lines of code)
|
data/lib/erubi.rb
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
module Erubi
|
|
4
|
-
VERSION = '1.
|
|
4
|
+
VERSION = '1.12.0'
|
|
5
5
|
|
|
6
6
|
# :nocov:
|
|
7
7
|
if RUBY_VERSION >= '1.9'
|
|
@@ -14,33 +14,41 @@ module Erubi
|
|
|
14
14
|
|
|
15
15
|
MATCH_METHOD = RUBY_VERSION >= '2.4' ? :match? : :match
|
|
16
16
|
SKIP_DEFINED_FOR_INSTANCE_VARIABLE = RUBY_VERSION > '3'
|
|
17
|
+
FREEZE_TEMPLATE_LITERALS = !eval("''").frozen? && RUBY_VERSION >= '2.1'
|
|
17
18
|
# :nocov:
|
|
18
19
|
|
|
19
20
|
begin
|
|
20
|
-
require '
|
|
21
|
+
require 'erb/escape'
|
|
21
22
|
# :nocov:
|
|
22
|
-
|
|
23
|
-
CGI = Object.new
|
|
24
|
-
CGI.extend(defined?(::CGI::Escape) ? ::CGI::Escape : ::CGI::Util)
|
|
25
|
-
end
|
|
23
|
+
define_singleton_method(:h, ERB::Escape.instance_method(:html_escape))
|
|
26
24
|
# :nocov:
|
|
27
|
-
# Escape characters with their HTML/XML equivalents.
|
|
28
|
-
def self.h(value)
|
|
29
|
-
CGI.escapeHTML(value.to_s)
|
|
30
|
-
end
|
|
31
25
|
rescue LoadError
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
26
|
+
begin
|
|
27
|
+
require 'cgi/escape'
|
|
28
|
+
# :nocov:
|
|
29
|
+
unless CGI.respond_to?(:escapeHTML) # work around for JRuby 9.1
|
|
30
|
+
CGI = Object.new
|
|
31
|
+
CGI.extend(defined?(::CGI::Escape) ? ::CGI::Escape : ::CGI::Util)
|
|
37
32
|
end
|
|
38
|
-
|
|
33
|
+
# :nocov:
|
|
34
|
+
# Escape characters with their HTML/XML equivalents.
|
|
39
35
|
def self.h(value)
|
|
40
|
-
value.to_s
|
|
36
|
+
CGI.escapeHTML(value.to_s)
|
|
41
37
|
end
|
|
38
|
+
rescue LoadError
|
|
39
|
+
# :nocov:
|
|
40
|
+
ESCAPE_TABLE = {'&' => '&'.freeze, '<' => '<'.freeze, '>' => '>'.freeze, '"' => '"'.freeze, "'" => '''.freeze}.freeze
|
|
41
|
+
if RUBY_VERSION >= '1.9'
|
|
42
|
+
def self.h(value)
|
|
43
|
+
value.to_s.gsub(/[&<>"']/, ESCAPE_TABLE)
|
|
44
|
+
end
|
|
45
|
+
else
|
|
46
|
+
def self.h(value)
|
|
47
|
+
value.to_s.gsub(/[&<>"']/){|s| ESCAPE_TABLE[s]}
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
# :nocov:
|
|
42
51
|
end
|
|
43
|
-
# :nocov:
|
|
44
52
|
end
|
|
45
53
|
|
|
46
54
|
class Engine
|
|
@@ -95,7 +103,7 @@ module Erubi
|
|
|
95
103
|
preamble = properties[:preamble] || "#{bufvar} = #{bufval};"
|
|
96
104
|
postamble = properties[:postamble] || "#{bufvar}.to_s\n"
|
|
97
105
|
@chain_appends = properties[:chain_appends]
|
|
98
|
-
@text_end = if properties.fetch(:freeze_template_literals,
|
|
106
|
+
@text_end = if properties.fetch(:freeze_template_literals, FREEZE_TEMPLATE_LITERALS)
|
|
99
107
|
"'.freeze"
|
|
100
108
|
else
|
|
101
109
|
"'"
|
metadata
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: erubi
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.12.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jeremy Evans
|
|
8
8
|
- kuwata-lab.com
|
|
9
|
-
autorequire:
|
|
9
|
+
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2022-
|
|
12
|
+
date: 2022-12-22 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: minitest
|
|
@@ -59,9 +59,10 @@ licenses:
|
|
|
59
59
|
- MIT
|
|
60
60
|
metadata:
|
|
61
61
|
bug_tracker_uri: https://github.com/jeremyevans/erubi/issues
|
|
62
|
+
mailing_list_uri: https://github.com/jeremyevans/erubi/discussions
|
|
62
63
|
changelog_uri: https://github.com/jeremyevans/erubi/blob/master/CHANGELOG
|
|
63
64
|
source_code_uri: https://github.com/jeremyevans/erubi
|
|
64
|
-
post_install_message:
|
|
65
|
+
post_install_message:
|
|
65
66
|
rdoc_options:
|
|
66
67
|
- "--quiet"
|
|
67
68
|
- "--line-numbers"
|
|
@@ -83,8 +84,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
83
84
|
- !ruby/object:Gem::Version
|
|
84
85
|
version: '0'
|
|
85
86
|
requirements: []
|
|
86
|
-
rubygems_version: 3.3.
|
|
87
|
-
signing_key:
|
|
87
|
+
rubygems_version: 3.3.26
|
|
88
|
+
signing_key:
|
|
88
89
|
specification_version: 4
|
|
89
90
|
summary: Small ERB Implementation
|
|
90
91
|
test_files: []
|