erubi 1.1.0 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG +8 -0
- data/README.rdoc +1 -0
- data/lib/erubi.rb +20 -7
- data/lib/tilt/erubi.rb +2 -1
- data/test/test.rb +5 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 92d3eacf43d264b3146fc705e27f23b9bdd70284
|
4
|
+
data.tar.gz: ecc36e3901223a29ef2c1db35a6f99e61318f04a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 393fac1c97bcec819d19cc77ff482a1a3ad3852ac0049b709d8e0d12320362337ad0b3b16304117272c381cb62d2f43ac32ea19af9605d6706cfe6bda69c34a7
|
7
|
+
data.tar.gz: 5461c001e9fe35fd7b0937941e4553b367986d3f588c58798184dc21aac6690a6510299c152a807b64ee4c9259819a5c86e293483149c5ee63edb05662e5a83d
|
data/CHANGELOG
CHANGED
@@ -1,3 +1,11 @@
|
|
1
|
+
=== 1.2.0 (2016-11-21)
|
2
|
+
|
3
|
+
* Engine#src now returns a frozen string (jeremyevans)
|
4
|
+
|
5
|
+
* Automatically freeze template text strings on ruby 2.1+, reducing garbage generated (jeremyevans)
|
6
|
+
|
7
|
+
* Allow overriding of behavior for <%= and <%== tags (ujifgc) (#1)
|
8
|
+
|
1
9
|
=== 1.1.0 (2016-11-14)
|
2
10
|
|
3
11
|
* Add :ensure option to supporting restoring bufvar to original value (jeremyevans)
|
data/README.rdoc
CHANGED
@@ -6,6 +6,7 @@ the following differences:
|
|
6
6
|
* Handles postfix conditionals when using escaping (e.g. <tt><%= foo if bar %></tt>)
|
7
7
|
* Supports frozen_string_literal: true in templates via :freeze option
|
8
8
|
* Works with ruby's --enable-frozen-string-literal option
|
9
|
+
* Automatically freezes strings for template text when ruby optimizes it (on ruby 2.1+)
|
9
10
|
* Escapes ' (apostrophe) when escaping for better XSS protection
|
10
11
|
* Has 90% smaller memory footprint for base engine
|
11
12
|
* Has 75% smaller memory footprint for tilt support
|
data/lib/erubi.rb
CHANGED
@@ -7,6 +7,7 @@ module Erubi
|
|
7
7
|
if RUBY_VERSION >= '1.9'
|
8
8
|
RANGE_FIRST = 0
|
9
9
|
RANGE_LAST = -1
|
10
|
+
TEXT_END = "'.freeze;"
|
10
11
|
|
11
12
|
# Escape the following characters with their HTML/XML
|
12
13
|
# equivalents.
|
@@ -17,6 +18,7 @@ module Erubi
|
|
17
18
|
# :nocov:
|
18
19
|
RANGE_FIRST = 0..0
|
19
20
|
RANGE_LAST = -1..-1
|
21
|
+
TEXT_END = "';"
|
20
22
|
|
21
23
|
def self.h(value)
|
22
24
|
value.to_s.gsub(/[&<>"']/){|s| ESCAPE_TABLE[s]}
|
@@ -25,7 +27,7 @@ module Erubi
|
|
25
27
|
end
|
26
28
|
|
27
29
|
class Engine
|
28
|
-
# The ruby source code generated from the template, which can be evaled.
|
30
|
+
# The frozen ruby source code generated from the template, which can be evaled.
|
29
31
|
attr_reader :src
|
30
32
|
|
31
33
|
# The filename of the template, if one was given.
|
@@ -63,12 +65,12 @@ module Erubi
|
|
63
65
|
src << "# frozen_string_literal: true\n" if properties[:freeze]
|
64
66
|
src << "begin; __original_outvar = #{bufvar} if defined?(#{bufvar}); " if properties[:ensure]
|
65
67
|
|
66
|
-
unless escapefunc = properties[:escapefunc]
|
68
|
+
unless @escapefunc = properties[:escapefunc]
|
67
69
|
if escape
|
68
|
-
escapefunc = '__erubi.h'
|
70
|
+
@escapefunc = '__erubi.h'
|
69
71
|
src << "__erubi = ::Erubi;"
|
70
72
|
else
|
71
|
-
escapefunc = '::Erubi.h'
|
73
|
+
@escapefunc = '::Erubi.h'
|
72
74
|
end
|
73
75
|
end
|
74
76
|
|
@@ -115,9 +117,9 @@ module Erubi
|
|
115
117
|
rspace = nil if tailch && !tailch.empty?
|
116
118
|
add_text(lspace) if lspace
|
117
119
|
if ((indicator == '=') ^ escape)
|
118
|
-
|
120
|
+
add_expression_result(code)
|
119
121
|
else
|
120
|
-
|
122
|
+
add_expression_result_escaped(code)
|
121
123
|
end
|
122
124
|
add_text(rspace) if rspace
|
123
125
|
when '#'
|
@@ -149,6 +151,7 @@ module Erubi
|
|
149
151
|
src << "\n" unless src[RANGE_LAST] == "\n"
|
150
152
|
src << postamble
|
151
153
|
src << "; ensure\n #{bufvar} = __original_outvar\nend\n" if properties[:ensure]
|
154
|
+
src.freeze
|
152
155
|
freeze
|
153
156
|
end
|
154
157
|
|
@@ -156,7 +159,7 @@ module Erubi
|
|
156
159
|
|
157
160
|
# Add raw text to the template
|
158
161
|
def add_text(text)
|
159
|
-
@src << " #{@bufvar} << '" << text.gsub(/['\\]/, '\\\\\&') <<
|
162
|
+
@src << " #{@bufvar} << '" << text.gsub(/['\\]/, '\\\\\&') << TEXT_END unless text.empty?
|
160
163
|
end
|
161
164
|
|
162
165
|
# Add ruby code to the template
|
@@ -165,6 +168,16 @@ module Erubi
|
|
165
168
|
@src << ';' unless code[RANGE_LAST] == "\n"
|
166
169
|
end
|
167
170
|
|
171
|
+
# Add the result of Ruby expression to the template
|
172
|
+
def add_expression_result(code)
|
173
|
+
@src << " #{@bufvar} << (" << code << ').to_s;'
|
174
|
+
end
|
175
|
+
|
176
|
+
# Add the escaped result of Ruby expression to the template
|
177
|
+
def add_expression_result_escaped(code)
|
178
|
+
@src << " #{@bufvar} << #{@escapefunc}((" << code << '));'
|
179
|
+
end
|
180
|
+
|
168
181
|
# Raise an exception, as the base engine class does not support handling other indicators.
|
169
182
|
def handle(indicator, code, tailch, rspace, lspace)
|
170
183
|
raise ArgumentError, "Invalid indicator: #{indicator}"
|
data/lib/tilt/erubi.rb
CHANGED
@@ -18,11 +18,12 @@ module Tilt
|
|
18
18
|
|
19
19
|
@engine = engine_class.new(data, @options)
|
20
20
|
@outvar = @engine.bufvar
|
21
|
+
@src = @engine.src.dup
|
21
22
|
@engine
|
22
23
|
end
|
23
24
|
|
24
25
|
def precompiled_template(locals)
|
25
|
-
@
|
26
|
+
@src
|
26
27
|
end
|
27
28
|
|
28
29
|
Tilt.register self, 'erb', 'rhtml', 'erubi'
|
data/test/test.rb
CHANGED
@@ -35,7 +35,7 @@ describe Erubi::Engine do
|
|
35
35
|
def check_output(input, src, result, &block)
|
36
36
|
t = (@options[:engine] || Erubi::Engine).new(input, @options)
|
37
37
|
eval(t.src, block.binding).must_equal result
|
38
|
-
t.src.must_equal src
|
38
|
+
t.src.gsub("'.freeze;", "';").must_equal src
|
39
39
|
end
|
40
40
|
|
41
41
|
def setup_foo
|
@@ -485,6 +485,10 @@ END3
|
|
485
485
|
Erubi::Engine.new('').frozen?.must_equal true
|
486
486
|
end
|
487
487
|
|
488
|
+
it "should have frozen src" do
|
489
|
+
Erubi::Engine.new('').src.frozen?.must_equal true
|
490
|
+
end
|
491
|
+
|
488
492
|
it "should raise an error if a tag is not handled when a custom regexp is used" do
|
489
493
|
proc{Erubi::Engine.new('<%] %>', :regexp =>/<%(={1,2}|\]|-|\#|%)?(.*?)([-=])?%>([ \t]*\r?\n)?/m)}.must_raise ArgumentError
|
490
494
|
proc{Erubi::CaptureEngine.new('<%] %>', :regexp =>/<%(={1,2}|\]|-|\#|%)?(.*?)([-=])?%>([ \t]*\r?\n)?/m)}.must_raise ArgumentError
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: erubi
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jeremy Evans
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2016-11-
|
12
|
+
date: 2016-11-21 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: tilt
|
@@ -83,7 +83,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
83
83
|
version: '0'
|
84
84
|
requirements: []
|
85
85
|
rubyforge_project:
|
86
|
-
rubygems_version: 2.6.
|
86
|
+
rubygems_version: 2.6.8
|
87
87
|
signing_key:
|
88
88
|
specification_version: 4
|
89
89
|
summary: Small ERB Implementation
|