erubi 1.5.0 → 1.6.0

Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG +4 -0
  3. data/README.rdoc +2 -2
  4. data/lib/erubi.rb +22 -9
  5. data/test/test.rb +3 -3
  6. metadata +2 -2
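--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: fd16f88fa55dfb16632b96ad51f1b9d8b4dfcb3a
- data.tar.gz: 369980088c6de4f7309f53ccbc1f4d77c40569d7
+ metadata.gz: 7624aff12923d9d250f5d3ba715638577669ad17
+ data.tar.gz: ee918f650866fb2652d79a24a6d67f93673cb973
  SHA512:
- metadata.gz: 5bea95cdd30ba995ffd760d40131dab30cfbbe0f4dd57c87957c8b8d55cd0a55b2e4c7fd92d692defc1e2d90ae7a0b564462d8c5b48babdd14947c7137be2708
- data.tar.gz: a0850dc7e918bf33c5e32707f1747cdfa0cb2902f8308be7d4f19d120b006426e9efc5b384fde46c1a2b920d23fa7432a37fdaf08a636928355f0391b03df6b2
+ metadata.gz: d6b7e14a72e167dba29bbed06fa243cc21d3e0c4dfe6d3a6f42a0f4faf42bdc790cd6ae93aa18921ff0d69dbc575c2958d6d7319606eed25e5becb87d2b01dc0
+ data.tar.gz: 82b8d817f9da8862b4f7823e250f9f527d503da254650c3ade12ba24c17dea70ee04c3be7cb30cc7d0fba301eda8c9e6047ba46c7a2f6aa293f3d6512a6219a0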
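--- a/data/CHANGELOG
+++ b/data/CHANGELOG
@@ -1,3 +1,7 @@
+ === 1.6.0 (2017-02-27)
+
+ * Use cgi/escape if available for 6x faster HTML escaping (k0kubun, jeremyevans) (#4)
+
  === 1.5.0 (2017-01-26)
 
  * Drop tilt/erubi file, as tilt now ships with Erubi support (jeremyevans)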
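--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -8,8 +8,8 @@ the same basic algorithm, with the following differences:
  * Works with ruby's --enable-frozen-string-literal option
  * Automatically freezes strings for template text when ruby optimizes it (on ruby 2.1+)
  * Escapes ' (apostrophe) when escaping for better XSS protection
- * Has 88% smaller memory footprint for base engine
- * Has 75% smaller memory footprint for tilt support
+ * Has 6x faster escaping on ruby 2.3+ by using cgi/escape
+ * Has 86% smaller memory footprint
  * Does no monkey patching (Erubis adds a method to Kernel)
  * Uses an immutable design (all options passed to the constructor, which returns a frozen object)
  * Has simpler internals (1 file, <150 lines of code)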
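--- a/data/lib/erubi.rb
+++ b/data/lib/erubi.rb
@@ -1,29 +1,42 @@
  # frozen_string_literal: true
 
  module Erubi
- ESCAPE_TABLE = {'&' => '&amp;'.freeze, '<' => '&lt;'.freeze, '>' => '&gt;'.freeze, '"' => '&quot;'.freeze, "'" => '&#039;'.freeze}.freeze
+ VERSION = '1.6.0'
  RANGE_ALL = 0..-1
 
  if RUBY_VERSION >= '1.9'
  RANGE_FIRST = 0
  RANGE_LAST = -1
  TEXT_END = RUBY_VERSION >= '2.1' ? "'.freeze;" : "';"
-
- # Escape the following characters with their HTML/XML
- # equivalents.
- def self.h(value)
- value.to_s.gsub(/[&<>"']/, ESCAPE_TABLE)
- end
  else
  # :nocov:
  RANGE_FIRST = 0..0
  RANGE_LAST = -1..-1
  TEXT_END = "';"
+ end
 
+ begin
+ require 'cgi/escape'
+ unless CGI.respond_to?(:escapeHTML) # work around for JRuby 9.1
+ CGI = Object.new
+ CGI.extend(::CGI::Util)
+ end
  def self.h(value)
- value.to_s.gsub(/[&<>"']/){|s| ESCAPE_TABLE[s]}
+ CGI.escapeHTML(value.to_s)
+ end
+ rescue LoadError
+ ESCAPE_TABLE = {'&' => '&amp;'.freeze, '<' => '&lt;'.freeze, '>' => '&gt;'.freeze, '"' => '&quot;'.freeze, "'" => '&#39;'.freeze}.freeze
+ if RUBY_VERSION >= '1.9'
+ # Escape the following characters with their HTML/XML
+ # equivalents.
+ def self.h(value)
+ value.to_s.gsub(/[&<>"']/, ESCAPE_TABLE)
+ end
+ else
+ def self.h(value)
+ value.to_s.gsub(/[&<>"']/){|s| ESCAPE_TABLE[s]}
+ end
  end
- # :nocov:
  end
 
  class Engine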
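Review bot: The `# :nocov:` marker opened in the pre-1.9 `else` branch loses its closing partner in this hunk (the old `# :nocov:` before the module-level `end` is removed), so unless another marker follows later in the file, coverage tools that treat it as a toggle will skip everything after it, including all three definitions of `Erubi.h`. Because `h` is the escaping that template output relies on for XSS protection, I would close the block right after `TEXT_END = "';"` with a second `# :nocov:` and wrap only the pre-1.9 fallback `def self.h` in its own pair. The `rescue LoadError` table and `CGI.escapeHTML` have to keep producing identical output (the table now emits `&#39;` to match), and the updated expectations appear to exercise only whichever path was loaded, so a test that compares the table-based fallback with `CGI.escapeHTML` on `&<>"'` would pin that. Separately, `ESCAPE_TABLE` is now defined only on the fallback path, which deserves a CHANGELOG line for any caller that referenced `Erubi::ESCAPE_TABLE`; `class Engine` continues outside the hunk.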
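--- a/data/test/test.rb
+++ b/data/test/test.rb
@@ -101,7 +101,7 @@ END2
  <tbody>
  <tr>
  <td>1</td>
- <td>&amp;&#039;&lt;&gt;&quot;2</td>
+ <td>&amp;&#39;&lt;&gt;&quot;2</td>
  </tr>
  </tbody>
  </table>
@@ -150,7 +150,7 @@ END2
  <tbody>
  <tr>
  <td>1</td>
- <td>&amp;&#039;&lt;&gt;&quot;2</td>
+ <td>&amp;&#39;&lt;&gt;&quot;2</td>
  </tr>
  </tbody>
  </table>
@@ -472,7 +472,7 @@ END2
  <tbody>
  <tr>
  <td>1</td>
- <td>&amp;&#039;&lt;&gt;&quot;2</td>
+ <td>&amp;&#39;&lt;&gt;&quot;2</td>
  </tr>
  </tbody>
  </table>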
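--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: erubi
  version: !ruby/object:Gem::Version
- version: 1.5.0
+ version: 1.6.0
  platform: ruby
  authors:
  - Jeremy Evans
@@ -9,7 +9,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2017-01-26 00:00:00.000000000 Z
+ date: 2017-02-27 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: minitest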