erubi 1.5.0 → 1.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6)
  1. checksums.yaml +4 -4
  2. data/CHANGELOG +4 -0
  3. data/README.rdoc +2 -2
  4. data/lib/erubi.rb +22 -9
  5. data/test/test.rb +3 -3
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: fd16f88fa55dfb16632b96ad51f1b9d8b4dfcb3a
4
- data.tar.gz: 369980088c6de4f7309f53ccbc1f4d77c40569d7
3
+ metadata.gz: 7624aff12923d9d250f5d3ba715638577669ad17
4
+ data.tar.gz: ee918f650866fb2652d79a24a6d67f93673cb973
5
5
  SHA512:
6
- metadata.gz: 5bea95cdd30ba995ffd760d40131dab30cfbbe0f4dd57c87957c8b8d55cd0a55b2e4c7fd92d692defc1e2d90ae7a0b564462d8c5b48babdd14947c7137be2708
7
- data.tar.gz: a0850dc7e918bf33c5e32707f1747cdfa0cb2902f8308be7d4f19d120b006426e9efc5b384fde46c1a2b920d23fa7432a37fdaf08a636928355f0391b03df6b2
6
+ metadata.gz: d6b7e14a72e167dba29bbed06fa243cc21d3e0c4dfe6d3a6f42a0f4faf42bdc790cd6ae93aa18921ff0d69dbc575c2958d6d7319606eed25e5becb87d2b01dc0
7
+ data.tar.gz: 82b8d817f9da8862b4f7823e250f9f527d503da254650c3ade12ba24c17dea70ee04c3be7cb30cc7d0fba301eda8c9e6047ba46c7a2f6aa293f3d6512a6219a0
data/CHANGELOG CHANGED
@@ -1,3 +1,7 @@
1
+ === 1.6.0 (2017-02-27)
2
+
3
+ * Use cgi/escape if available for 6x faster HTML escaping (k0kubun, jeremyevans) (#4)
4
+
1
5
  === 1.5.0 (2017-01-26)
2
6
 
3
7
  * Drop tilt/erubi file, as tilt now ships with Erubi support (jeremyevans)
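Review bot: The 1.6.0 entry at the top of this hunk records only the speedup, but the same release changes what Erubi.h emits for an apostrophe from &#039; to &#39; (see the fallback ESCAPE_TABLE in lib/erubi.rb and the updated expectations in test/test.rb). Both are numeric references for the same character, so the escaping is no weaker, but anything that compares rendered output byte for byte (snapshot tests, caches keyed on output) will see a difference. Suggest adding a changelog line such as: * Escape ' as &#39; instead of &#039; to match CGI.escapeHTML.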
@@ -8,8 +8,8 @@ the same basic algorithm, with the following differences:
8
8
  * Works with ruby's --enable-frozen-string-literal option
9
9
  * Automatically freezes strings for template text when ruby optimizes it (on ruby 2.1+)
10
10
  * Escapes ' (apostrophe) when escaping for better XSS protection
11
- * Has 88% smaller memory footprint for base engine
12
- * Has 75% smaller memory footprint for tilt support
11
+ * Has 6x faster escaping on ruby 2.3+ by using cgi/escape
12
+ * Has 86% smaller memory footprint
13
13
  * Does no monkey patching (Erubis adds a method to Kernel)
14
14
  * Uses an immutable design (all options passed to the constructor, which returns a frozen object)
15
15
  * Has simpler internals (1 file, <150 lines of code)
@@ -1,29 +1,42 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Erubi
4
- ESCAPE_TABLE = {'&' => '&amp;'.freeze, '<' => '&lt;'.freeze, '>' => '&gt;'.freeze, '"' => '&quot;'.freeze, "'" => '&#039;'.freeze}.freeze
4
+ VERSION = '1.6.0'
5
5
  RANGE_ALL = 0..-1
6
6
 
7
7
  if RUBY_VERSION >= '1.9'
8
8
  RANGE_FIRST = 0
9
9
  RANGE_LAST = -1
10
10
  TEXT_END = RUBY_VERSION >= '2.1' ? "'.freeze;" : "';"
11
-
12
- # Escape the following characters with their HTML/XML
13
- # equivalents.
14
- def self.h(value)
15
- value.to_s.gsub(/[&<>"']/, ESCAPE_TABLE)
16
- end
17
11
  else
18
12
  # :nocov:
19
13
  RANGE_FIRST = 0..0
20
14
  RANGE_LAST = -1..-1
21
15
  TEXT_END = "';"
16
+ end
22
17
 
18
+ begin
19
+ require 'cgi/escape'
20
+ unless CGI.respond_to?(:escapeHTML) # work around for JRuby 9.1
21
+ CGI = Object.new
22
+ CGI.extend(::CGI::Util)
23
+ end
23
24
  def self.h(value)
24
- value.to_s.gsub(/[&<>"']/){|s| ESCAPE_TABLE[s]}
25
+ CGI.escapeHTML(value.to_s)
26
+ end
27
+ rescue LoadError
28
+ ESCAPE_TABLE = {'&' => '&amp;'.freeze, '<' => '&lt;'.freeze, '>' => '&gt;'.freeze, '"' => '&quot;'.freeze, "'" => '&#39;'.freeze}.freeze
29
+ if RUBY_VERSION >= '1.9'
30
+ # Escape the following characters with their HTML/XML
31
+ # equivalents.
32
+ def self.h(value)
33
+ value.to_s.gsub(/[&<>"']/, ESCAPE_TABLE)
34
+ end
35
+ else
36
+ def self.h(value)
37
+ value.to_s.gsub(/[&<>"']/){|s| ESCAPE_TABLE[s]}
38
+ end
25
39
  end
26
- # :nocov:
27
40
  end
28
41
 
29
42
  class Engine
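Review bot: ESCAPE_TABLE is now defined only inside the rescue LoadError branch, so whenever cgi/escape loads, the constant that 1.5.0 exposed as Erubi::ESCAPE_TABLE no longer exists and any caller referencing it gets a NameError; either keep the constant defined unconditionally or call out its removal in the CHANGELOG. Two smaller points in the same hunk: the opening # :nocov: after else is kept while its closing # :nocov: is removed, which leaves the marker unbalanced and may exclude the new begin/rescue block from coverage; and the rescue catches only LoadError, so if the JRuby 9.1 workaround branch fails (for example because ::CGI::Util is not defined) the error propagates at require time instead of falling back to the gsub implementation. Since Erubi.h is the XSS boundary for escaped tags, a short comment stating that both paths must escape the same five characters (& < > " ') would help future edits keep them in sync.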
@@ -101,7 +101,7 @@ END2
101
101
  <tbody>
102
102
  <tr>
103
103
  <td>1</td>
104
- <td>&amp;&#039;&lt;&gt;&quot;2</td>
104
+ <td>&amp;&#39;&lt;&gt;&quot;2</td>
105
105
  </tr>
106
106
  </tbody>
107
107
  </table>
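Review bot: The expected string in this hunk (and in the two identical changes further down) is updated to &#39;, but test.rb gains no case that forces the rescue LoadError path, so on a Ruby where cgi/escape is available the gsub fallback and its ESCAPE_TABLE are never exercised. Suggest a direct assertion on Erubi.h for the input &'<>" plus a run with cgi/escape made unavailable, so both implementations are checked against the same expected output.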
@@ -150,7 +150,7 @@ END2
150
150
  <tbody>
151
151
  <tr>
152
152
  <td>1</td>
153
- <td>&amp;&#039;&lt;&gt;&quot;2</td>
153
+ <td>&amp;&#39;&lt;&gt;&quot;2</td>
154
154
  </tr>
155
155
  </tbody>
156
156
  </table>
@@ -472,7 +472,7 @@ END2
472
472
  <tbody>
473
473
  <tr>
474
474
  <td>1</td>
475
- <td>&amp;&#039;&lt;&gt;&quot;2</td>
475
+ <td>&amp;&#39;&lt;&gt;&quot;2</td>
476
476
  </tr>
477
477
  </tbody>
478
478
  </table>
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: erubi
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.5.0
4
+ version: 1.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jeremy Evans
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2017-01-26 00:00:00.000000000 Z
12
+ date: 2017-02-27 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: minitest
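Review bot: cert_chain: [] in the context lines of this hunk shows 1.6.0 is still published unsigned, so the SHA1/SHA512 values in checksums.yaml for metadata.gz and data.tar.gz are the only integrity data in the package and they are not tied to the author's identity. Consider signing releases so consumers can verify them under a RubyGems trust policy; until then, consumers should pin the exact version and compare the downloaded .gem against a digest they recorded from a trusted fetch.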