escape_utils 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/lib/escape_utils.rb CHANGED
@@ -4,5 +4,7 @@ require 'escape_utils_ext'
4
4
 
5
5
  EscapeUtils.send(:extend, EscapeUtils)
6
6
  module EscapeUtils
7
- VERSION = "0.1.4"
7
+ VERSION = "0.1.5"
8
+
9
+ autoload :HtmlSafety, 'escape_utils/html_safety'
8
10
  end
@@ -1,7 +1,13 @@
1
1
  # encoding: utf-8
2
2
 
3
3
  class CGI
4
- def self.escapeHTML(s)
5
- EscapeUtils.escape_html(s.to_s)
4
+ extend ::EscapeUtils::HtmlSafety
5
+
6
+ class << self
7
+ alias escapeHTML _escape_html
8
+
9
+ def unescapeHTML(s)
10
+ EscapeUtils.unescape_html(s)
11
+ end
6
12
  end
7
13
  end
@@ -2,10 +2,9 @@
2
2
 
3
3
  class ERB
4
4
  module Util
5
- def html_escape(s)
6
- EscapeUtils.escape_html(s.to_s)
7
- end
5
+ include ::EscapeUtils::HtmlSafety
8
6
 
7
+ alias html_escape _escape_html
9
8
  alias h html_escape
10
9
  module_function :h
11
10
  module_function :html_escape
@@ -2,8 +2,8 @@
2
2
 
3
3
  module Haml
4
4
  module Helpers
5
- def html_escape(s)
6
- EscapeUtils.escape_html(s.to_s)
7
- end
5
+ include ::EscapeUtils::HtmlSafety
6
+
7
+ alias html_escape _escape_html
8
8
  end
9
9
  end
@@ -2,11 +2,9 @@
2
2
 
3
3
  module Rack
4
4
  module Utils
5
- def escape_html(s)
6
- EscapeUtils.escape_html(s.to_s)
7
- end
8
- def self.escape_html(s)
9
- EscapeUtils.escape_html(s.to_s)
10
- end
5
+ include ::EscapeUtils::HtmlSafety
6
+
7
+ alias escape_html _escape_html
8
+ module_function :escape_html
11
9
  end
12
10
  end
@@ -0,0 +1,19 @@
1
+ # encoding: utf-8
2
+
3
+ module EscapeUtils
4
+ module HtmlSafety
5
+ if "".respond_to? :html_safe?
6
+ def _escape_html(s)
7
+ if s.html_safe?
8
+ s.to_s.html_safe
9
+ else
10
+ EscapeUtils.escape_html(s.to_s).html_safe
11
+ end
12
+ end
13
+ else
14
+ def _escape_html(s)
15
+ EscapeUtils.escape_html(s.to_s)
16
+ end
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,10 @@
1
+ # encoding: utf-8
2
+
3
+ class CGI
4
+ def self.escape(s)
5
+ EscapeUtils.escape_url(s)
6
+ end
7
+ def self.unescape(s)
8
+ EscapeUtils.unescape_url(s)
9
+ end
10
+ end
@@ -0,0 +1,12 @@
1
+ # encoding: utf-8
2
+
3
+ class ERB
4
+ module Util
5
+ def url_encode(s)
6
+ EscapeUtils.escape_url(s)
7
+ end
8
+ alias u url_encode
9
+ module_function :u
10
+ module_function :url_encode
11
+ end
12
+ end
@@ -0,0 +1,14 @@
1
+ # encoding: utf-8
2
+
3
+ module Rack
4
+ module Utils
5
+ def escape(url)
6
+ EscapeUtils.escape_url(url)
7
+ end
8
+ def unescape(url)
9
+ EscapeUtils.unescape_url(url)
10
+ end
11
+ module_function :escape
12
+ module_function :unescape
13
+ end
14
+ end
@@ -7,19 +7,19 @@ describe EscapeUtils, "escape_html" do
7
7
  end
8
8
 
9
9
  it "should escape a basic html tag" do
10
- EscapeUtils.escape_html("<some_tag/>").should eql("&lt;some_tag/&gt;")
10
+ EscapeUtils.escape_html("<some_tag/>").should eql("&lt;some_tag&#47;&gt;")
11
11
  end
12
12
 
13
13
  it "should escape double-quotes" do
14
- EscapeUtils.escape_html("<some_tag some_attr=\"some value\"/>").should eql("&lt;some_tag some_attr=&quot;some value&quot;/&gt;")
14
+ EscapeUtils.escape_html("<some_tag some_attr=\"some value\"/>").should eql("&lt;some_tag some_attr=&quot;some value&quot;&#47;&gt;")
15
15
  end
16
16
 
17
17
  it "should escape single-quotes" do
18
- EscapeUtils.escape_html("<some_tag some_attr='some value'/>").should eql("&lt;some_tag some_attr=&#39;some value&#39;/&gt;")
18
+ EscapeUtils.escape_html("<some_tag some_attr='some value'/>").should eql("&lt;some_tag some_attr=&#39;some value&#39;&#47;&gt;")
19
19
  end
20
20
 
21
21
  it "should escape the & character" do
22
- EscapeUtils.escape_html("<b>Bourbon & Branch</b>").should eql("&lt;b&gt;Bourbon &amp; Branch&lt;/b&gt;")
22
+ EscapeUtils.escape_html("<b>Bourbon & Branch</b>").should eql("&lt;b&gt;Bourbon &amp; Branch&lt;&#47;b&gt;")
23
23
  end
24
24
 
25
25
  if RUBY_VERSION =~ /^1.9/
@@ -7,19 +7,19 @@ describe EscapeUtils, "unescape_html" do
7
7
  end
8
8
 
9
9
  it "should unescape a basic html tag" do
10
- EscapeUtils.unescape_html("&lt;some_tag/&gt;").should eql("<some_tag/>")
10
+ EscapeUtils.unescape_html("&lt;some_tag&#47;&gt;").should eql("<some_tag/>")
11
11
  end
12
12
 
13
13
  it "should unescape double-quotes" do
14
- EscapeUtils.unescape_html("&lt;some_tag some_attr=&quot;some value&quot;/&gt;").should eql("<some_tag some_attr=\"some value\"/>")
14
+ EscapeUtils.unescape_html("&lt;some_tag some_attr=&quot;some value&quot;&#47;&gt;").should eql("<some_tag some_attr=\"some value\"/>")
15
15
  end
16
16
 
17
17
  it "should unescape single-quotes" do
18
- EscapeUtils.unescape_html("&lt;some_tag some_attr=&#39;some value&#39;/&gt;").should eql("<some_tag some_attr='some value'/>")
18
+ EscapeUtils.unescape_html("&lt;some_tag some_attr=&#39;some value&#39;&#47;&gt;").should eql("<some_tag some_attr='some value'/>")
19
19
  end
20
20
 
21
21
  it "should unescape the & character" do
22
- EscapeUtils.unescape_html("&lt;b&gt;Bourbon &amp; Branch&lt;/b&gt;").should eql("<b>Bourbon & Branch</b>")
22
+ EscapeUtils.unescape_html("&lt;b&gt;Bourbon &amp; Branch&lt;&#47;b&gt;").should eql("<b>Bourbon & Branch</b>")
23
23
  end
24
24
 
25
25
  if RUBY_VERSION =~ /^1.9/
@@ -0,0 +1,49 @@
1
+ # encoding: UTF-8
2
+ require File.expand_path(File.dirname(__FILE__) + '/spec_helper.rb')
3
+
4
+ class Object
5
+ def html_safe?
6
+ false
7
+ end
8
+ end
9
+
10
+ class TestSafeBuffer < String
11
+ def html_safe?
12
+ true
13
+ end
14
+
15
+ def html_safe
16
+ self
17
+ end
18
+
19
+ def to_s
20
+ self
21
+ end
22
+ end
23
+
24
+ class String
25
+ def html_safe
26
+ TestSafeBuffer.new(self)
27
+ end
28
+ end
29
+
30
+ include EscapeUtils::HtmlSafety
31
+
32
+ describe EscapeUtils::HtmlSafety do
33
+
34
+ it "should escape unsafe strings and make them safe" do
35
+ escaped = _escape_html("<strong>unsafe</strong>")
36
+ escaped.should eql("&lt;strong&gt;unsafe&lt;&#47;strong&gt;")
37
+ escaped.should be_html_safe
38
+ end
39
+
40
+ it "shouldn't escape safe strings" do
41
+ _escape_html("<p>safe string</p>".html_safe).should eql("<p>safe string</p>")
42
+ end
43
+
44
+ it "should work with non strings" do
45
+ _escape_html(5).should eql("5")
46
+ _escape_html(:hello).should eql("hello")
47
+ end
48
+
49
+ end
@@ -12,7 +12,7 @@ describe EscapeUtils, "escape_javascript" do
12
12
  end
13
13
 
14
14
  it "should escape quotes and newlines" do
15
- EscapeUtils.escape_javascript(%(This "thing" is really\n netos')).should eql(%(This \\"thing\\" is really\\n netos\\'))
15
+ EscapeUtils.escape_javascript(%(This "thing" is really\n netos\r\n\n')).should eql(%(This \\"thing\\" is really\\n netos\\n\\n\\'))
16
16
  end
17
17
 
18
18
  it "should escape backslashes" do
@@ -0,0 +1,39 @@
1
+ # encoding: UTF-8
2
+ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
3
+
4
+ describe EscapeUtils, "unescape_javascript" do
5
+ it "should respond to unescape_javascript" do
6
+ EscapeUtils.should respond_to(:unescape_javascript)
7
+ end
8
+
9
+ # these are from the ActionView tests
10
+ it "should return an empty string if passed nil" do
11
+ EscapeUtils.unescape_javascript(nil).should eql("")
12
+ end
13
+
14
+ it "should unescape quotes and newlines" do
15
+ EscapeUtils.unescape_javascript(%(This \\"thing\\" is really\\n netos\\n\\n\\')).should eql(%(This "thing" is really\n netos\n\n'))
16
+ end
17
+
18
+ it "should unescape backslashes" do
19
+ EscapeUtils.unescape_javascript(%(backslash\\\\test)).should eql(%(backslash\\test))
20
+ end
21
+
22
+ it "should unescape closed html tags" do
23
+ EscapeUtils.unescape_javascript(%(dont <\\/close> tags)).should eql(%(dont </close> tags))
24
+ end
25
+
26
+ if RUBY_VERSION =~ /^1.9/
27
+ it "should default to utf-8 if Encoding.default_internal is nil" do
28
+ Encoding.default_internal = nil
29
+ EscapeUtils.unescape_javascript(%(dont <\\/close> tags)).encoding.should eql(Encoding.find('utf-8'))
30
+ end
31
+
32
+ it "should use Encoding.default_internal" do
33
+ Encoding.default_internal = Encoding.find('utf-8')
34
+ EscapeUtils.unescape_javascript(%(dont <\\/close> tags)).encoding.should eql(Encoding.default_internal)
35
+ Encoding.default_internal = Encoding.find('us-ascii')
36
+ EscapeUtils.unescape_javascript(%(dont <\\/close> tags)).encoding.should eql(Encoding.default_internal)
37
+ end
38
+ end
39
+ end
@@ -0,0 +1,52 @@
1
+ # encoding: UTF-8
2
+ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
3
+
4
+ describe EscapeUtils, "escape_url" do
5
+ it "should respond to escape_url" do
6
+ EscapeUtils.should respond_to(:escape_url)
7
+ end
8
+
9
+ it "should escape a basic url" do
10
+ EscapeUtils.escape_url("http://www.homerun.com/").should eql("http%3A%2F%2Fwww.homerun.com%2F")
11
+ end
12
+
13
+ # NOTE: from Rack's test suite
14
+ it "should escape a url containing tags" do
15
+ EscapeUtils.escape_url("fo<o>bar").should eql("fo%3Co%3Ebar")
16
+ end
17
+
18
+ # NOTE: from Rack's test suite
19
+ it "should escape a url with spaces" do
20
+ EscapeUtils.escape_url("a space").should eql("a+space")
21
+ EscapeUtils.escape_url("a sp ace ").should eql("a+++sp+ace+")
22
+ end
23
+
24
+ # NOTE: from Rack's test suite
25
+ it "should escape a string of mixed characters" do
26
+ EscapeUtils.escape_url("q1!2\"'w$5&7/z8)?\\").should eql("q1%212%22%27w%245%267%2Fz8%29%3F%5C")
27
+ end
28
+
29
+ # NOTE: from Rack's test suite
30
+ it "should escape correctly for multibyte characters" do
31
+ matz_name = "\xE3\x81\xBE\xE3\x81\xA4\xE3\x82\x82\xE3\x81\xA8".unpack("a*")[0] # Matsumoto
32
+ matz_name.force_encoding("UTF-8") if matz_name.respond_to? :force_encoding
33
+ EscapeUtils.escape_url(matz_name).should eql('%E3%81%BE%E3%81%A4%E3%82%82%E3%81%A8')
34
+ matz_name_sep = "\xE3\x81\xBE\xE3\x81\xA4 \xE3\x82\x82\xE3\x81\xA8".unpack("a*")[0] # Matsu moto
35
+ matz_name_sep.force_encoding("UTF-8") if matz_name_sep.respond_to? :force_encoding
36
+ EscapeUtils.escape_url(matz_name_sep).should eql('%E3%81%BE%E3%81%A4+%E3%82%82%E3%81%A8')
37
+ end
38
+
39
+ if RUBY_VERSION =~ /^1.9/
40
+ it "should default to utf-8 if Encoding.default_internal is nil" do
41
+ Encoding.default_internal = nil
42
+ EscapeUtils.escape_url("http://www.homerun.com/").encoding.should eql(Encoding.find('utf-8'))
43
+ end
44
+
45
+ it "should use Encoding.default_internal" do
46
+ Encoding.default_internal = Encoding.find('utf-8')
47
+ EscapeUtils.escape_url("http://www.homerun.com/").encoding.should eql(Encoding.default_internal)
48
+ Encoding.default_internal = Encoding.find('us-ascii')
49
+ EscapeUtils.escape_url("http://www.homerun.com/").encoding.should eql(Encoding.default_internal)
50
+ end
51
+ end
52
+ end
@@ -0,0 +1,52 @@
1
+ # encoding: UTF-8
2
+ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
3
+
4
+ describe EscapeUtils, "unescape_url" do
5
+ it "should respond to unescape_url" do
6
+ EscapeUtils.should respond_to(:unescape_url)
7
+ end
8
+
9
+ it "should unescape a basic url" do
10
+ EscapeUtils.unescape_url("http%3A%2F%2Fwww.homerun.com%2F").should eql("http://www.homerun.com/")
11
+ end
12
+
13
+ # NOTE: from Rack's test suite
14
+ it "should unescape a url containing tags" do
15
+ EscapeUtils.unescape_url("fo%3Co%3Ebar").should eql("fo<o>bar")
16
+ end
17
+
18
+ # NOTE: from Rack's test suite
19
+ it "should unescape a url with spaces" do
20
+ EscapeUtils.unescape_url("a+space").should eql("a space")
21
+ EscapeUtils.unescape_url("a+++sp+ace+").should eql("a sp ace ")
22
+ end
23
+
24
+ # NOTE: from Rack's test suite
25
+ it "should unescape a string of mixed characters" do
26
+ EscapeUtils.unescape_url("q1%212%22%27w%245%267%2Fz8%29%3F%5C").should eql("q1!2\"'w$5&7/z8)?\\")
27
+ end
28
+
29
+ # NOTE: from Rack's test suite
30
+ it "should unescape correctly for multibyte characters" do
31
+ matz_name = "\xE3\x81\xBE\xE3\x81\xA4\xE3\x82\x82\xE3\x81\xA8".unpack("a*")[0] # Matsumoto
32
+ matz_name.force_encoding("UTF-8") if matz_name.respond_to? :force_encoding
33
+ EscapeUtils.unescape_url('%E3%81%BE%E3%81%A4%E3%82%82%E3%81%A8').should eql(matz_name)
34
+ matz_name_sep = "\xE3\x81\xBE\xE3\x81\xA4 \xE3\x82\x82\xE3\x81\xA8".unpack("a*")[0] # Matsu moto
35
+ matz_name_sep.force_encoding("UTF-8") if matz_name_sep.respond_to? :force_encoding
36
+ EscapeUtils.unescape_url('%E3%81%BE%E3%81%A4+%E3%82%82%E3%81%A8').should eql(matz_name_sep)
37
+ end
38
+
39
+ if RUBY_VERSION =~ /^1.9/
40
+ it "should default to utf-8 if Encoding.default_internal is nil" do
41
+ Encoding.default_internal = nil
42
+ EscapeUtils.unescape_url("http%3A%2F%2Fwww.homerun.com%2F").encoding.should eql(Encoding.find('utf-8'))
43
+ end
44
+
45
+ it "should use Encoding.default_internal" do
46
+ Encoding.default_internal = Encoding.find('utf-8')
47
+ EscapeUtils.unescape_url("http%3A%2F%2Fwww.homerun.com%2F").encoding.should eql(Encoding.default_internal)
48
+ Encoding.default_internal = Encoding.find('us-ascii')
49
+ EscapeUtils.unescape_url("http%3A%2F%2Fwww.homerun.com%2F").encoding.should eql(Encoding.default_internal)
50
+ end
51
+ end
52
+ end
metadata CHANGED
@@ -1,12 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: escape_utils
3
3
  version: !ruby/object:Gem::Version
4
+ hash: 17
4
5
  prerelease: false
5
6
  segments:
6
7
  - 0
7
8
  - 1
8
- - 4
9
- version: 0.1.4
9
+ - 5
10
+ version: 0.1.5
10
11
  platform: ruby
11
12
  authors:
12
13
  - Brian Lopez
@@ -14,7 +15,7 @@ autorequire:
14
15
  bindir: bin
15
16
  cert_chain: []
16
17
 
17
- date: 2010-06-09 00:00:00 -07:00
18
+ date: 2010-07-13 00:00:00 -07:00
18
19
  default_executable:
19
20
  dependencies: []
20
21
 
@@ -36,6 +37,9 @@ files:
36
37
  - benchmark/html_escape.rb
37
38
  - benchmark/html_unescape.rb
38
39
  - benchmark/javascript_escape.rb
40
+ - benchmark/javascript_unescape.rb
41
+ - benchmark/url_escape.rb
42
+ - benchmark/url_unescape.rb
39
43
  - escape_utils.gemspec
40
44
  - ext/escape_utils.c
41
45
  - ext/extconf.rb
@@ -44,13 +48,21 @@ files:
44
48
  - lib/escape_utils/html/erb.rb
45
49
  - lib/escape_utils/html/haml.rb
46
50
  - lib/escape_utils/html/rack.rb
51
+ - lib/escape_utils/html_safety.rb
47
52
  - lib/escape_utils/javascript/action_view.rb
53
+ - lib/escape_utils/url/cgi.rb
54
+ - lib/escape_utils/url/erb.rb
55
+ - lib/escape_utils/url/rack.rb
48
56
  - spec/html/escape_spec.rb
49
57
  - spec/html/unescape_spec.rb
58
+ - spec/html_safety_spec.rb
50
59
  - spec/javascript/escape_spec.rb
60
+ - spec/javascript/unescape_spec.rb
51
61
  - spec/rcov.opts
52
62
  - spec/spec.opts
53
63
  - spec/spec_helper.rb
64
+ - spec/url/escape_spec.rb
65
+ - spec/url/unescape_spec.rb
54
66
  has_rdoc: true
55
67
  homepage: http://github.com/brianmario/escape_utils
56
68
  licenses: []
@@ -62,28 +74,36 @@ require_paths:
62
74
  - lib
63
75
  - ext
64
76
  required_ruby_version: !ruby/object:Gem::Requirement
77
+ none: false
65
78
  requirements:
66
79
  - - ">="
67
80
  - !ruby/object:Gem::Version
81
+ hash: 3
68
82
  segments:
69
83
  - 0
70
84
  version: "0"
71
85
  required_rubygems_version: !ruby/object:Gem::Requirement
86
+ none: false
72
87
  requirements:
73
88
  - - ">="
74
89
  - !ruby/object:Gem::Version
90
+ hash: 3
75
91
  segments:
76
92
  - 0
77
93
  version: "0"
78
94
  requirements: []
79
95
 
80
96
  rubyforge_project:
81
- rubygems_version: 1.3.6
97
+ rubygems_version: 1.3.7
82
98
  signing_key:
83
99
  specification_version: 3
84
100
  summary: Faster string escaping routines for your web apps
85
101
  test_files:
86
102
  - spec/html/escape_spec.rb
87
103
  - spec/html/unescape_spec.rb
104
+ - spec/html_safety_spec.rb
88
105
  - spec/javascript/escape_spec.rb
106
+ - spec/javascript/unescape_spec.rb
89
107
  - spec/spec_helper.rb
108
+ - spec/url/escape_spec.rb
109
+ - spec/url/unescape_spec.rb