escape_utils 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (56) hide show
  1. checksums.yaml +5 -5
  2. data/.github/workflows/ci.yml +43 -0
  3. data/.gitignore +0 -1
  4. data/CHANGELOG.md +23 -0
  5. data/Gemfile +15 -0
  6. data/README.md +48 -91
  7. data/Rakefile +4 -2
  8. data/benchmark/html_escape_once.rb +25 -0
  9. data/benchmark/javascript_escape.rb +1 -1
  10. data/benchmark/javascript_unescape.rb +1 -1
  11. data/benchmark/url_decode.rb +28 -0
  12. data/benchmark/url_encode.rb +37 -0
  13. data/benchmark/xml_escape.rb +7 -11
  14. data/bin/console +8 -0
  15. data/escape_utils.gemspec +1 -12
  16. data/ext/escape_utils/escape_utils.c +8 -115
  17. data/ext/escape_utils/houdini.h +3 -5
  18. data/ext/escape_utils/houdini_html_e.c +52 -24
  19. data/ext/escape_utils/houdini_js_e.c +15 -3
  20. data/ext/escape_utils/houdini_uri_e.c +7 -18
  21. data/ext/escape_utils/houdini_uri_u.c +5 -15
  22. data/ext/escape_utils/houdini_xml_e.c +15 -1
  23. data/lib/escape_utils/html/cgi.rb +10 -8
  24. data/lib/escape_utils/html/erb.rb +1 -10
  25. data/lib/escape_utils/html/haml.rb +1 -7
  26. data/lib/escape_utils/html/rack.rb +3 -3
  27. data/lib/escape_utils/html_safety.rb +13 -0
  28. data/lib/escape_utils/url/cgi.rb +0 -8
  29. data/lib/escape_utils/url/erb.rb +1 -1
  30. data/lib/escape_utils/url/rack.rb +0 -12
  31. data/lib/escape_utils/url/uri.rb +11 -7
  32. data/lib/escape_utils/version.rb +1 -1
  33. data/lib/escape_utils/xml/builder.rb +2 -2
  34. data/lib/escape_utils.rb +61 -9
  35. data/test/helper.rb +16 -3
  36. data/test/html/escape_test.rb +66 -42
  37. data/test/html/unescape_test.rb +3 -21
  38. data/test/html_safety_test.rb +1 -27
  39. data/test/javascript/escape_test.rb +53 -20
  40. data/test/javascript/unescape_test.rb +16 -18
  41. data/test/query/escape_test.rb +3 -21
  42. data/test/query/unescape_test.rb +5 -23
  43. data/test/uri/escape_test.rb +16 -18
  44. data/test/uri/unescape_test.rb +17 -19
  45. data/test/uri_component/escape_test.rb +15 -17
  46. data/test/uri_component/unescape_test.rb +17 -19
  47. data/test/url/escape_test.rb +3 -21
  48. data/test/url/unescape_test.rb +5 -23
  49. data/test/xml/escape_test.rb +15 -17
  50. metadata +14 -127
  51. data/.travis.yml +0 -7
  52. data/benchmark/html_escape.rb +0 -68
  53. data/benchmark/html_unescape.rb +0 -35
  54. data/benchmark/url_escape.rb +0 -56
  55. data/benchmark/url_unescape.rb +0 -50
  56. data/ext/escape_utils/houdini_html_u.c +0 -122
data/lib/escape_utils.rb CHANGED
@@ -1,22 +1,74 @@
1
+ require 'cgi'
1
2
  require 'escape_utils/escape_utils'
2
3
  require 'escape_utils/version' unless defined? EscapeUtils::VERSION
3
4
 
4
5
  module EscapeUtils
5
6
  extend self
6
7
 
7
- # turn on/off the escaping of the '/' character during HTML escaping
8
- # Escaping '/' is recommended by the OWASP - http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content
9
- # This is because quotes around HTML attributes are optional in most/all modern browsers at the time of writing (10/15/2010)
10
- def self.html_secure
11
- @html_secure
8
+ def html_secure
9
+ warn "EscapeUtils.html_secure is deprecated"
10
+ false
11
+ end
12
+
13
+ def html_secure=(val)
14
+ warn "EscapeUtils.html_secure is deprecated"
12
15
  end
13
- self.html_secure = true
14
16
 
15
17
  # Default String class to return from HTML escaping
16
- def self.html_safe_string_class
17
- @html_safe_string_class
18
+ attr_reader :html_safe_string_class
19
+
20
+ def html_safe_string_class=(klass)
21
+ unless String >= klass
22
+ raise ArgumentError, "EscapeUtils.html_safe_string_class must inherit from ::String"
23
+ end
24
+ @html_safe_string_class = klass
18
25
  end
26
+
19
27
  self.html_safe_string_class = String
20
28
 
21
29
  autoload :HtmlSafety, 'escape_utils/html_safety'
22
- end
30
+
31
+ def self.escape_html_once_as_html_safe(html)
32
+ escaped = escape_html_once(html)
33
+ if String == @html_safe_string_class
34
+ escaped
35
+ else
36
+ escaped = @html_safe_string_class.new(escaped)
37
+ escaped.instance_variable_set(:@html_safe, true)
38
+ escaped
39
+ end
40
+ end
41
+
42
+ def self.escape_html(html, secure = false)
43
+ warn "EscapeUtils.escape_html is deprecated. Use GCI.escapeHTML instead, it's faster"
44
+ CGI.escapeHTML(html)
45
+ end
46
+
47
+ def self.escape_html_as_html_safe(html)
48
+ warn "EscapeUtils.escape_html_as_html_safe is deprecated. Use GCI.escapeHTML(str).html_safe instead, it's faster"
49
+
50
+ escaped = CGI.escapeHTML(html)
51
+ if String == @html_safe_string_class
52
+ escaped
53
+ else
54
+ escaped = @html_safe_string_class.new(escaped)
55
+ escaped.instance_variable_set(:@html_safe, true)
56
+ escaped
57
+ end
58
+ end
59
+
60
+ def self.unescape_html(html)
61
+ warn "EscapeUtils.unescape_html is deprecated. Use GCI.unescapeHTML instead, performance is similar"
62
+ CGI.unescapeHTML(html)
63
+ end
64
+
65
+ def self.escape_url(string)
66
+ warn "EscapeUtils.escape_url is deprecated. Use CGI.escape instead, performance is similar"
67
+ CGI.escape(string)
68
+ end
69
+
70
+ def self.unescape_url(string)
71
+ warn "EscapeUtils.unescape_url is deprecated. Use CGI.unescape instead, performance is similar"
72
+ CGI.unescape(string)
73
+ end
74
+ end
data/test/helper.rb CHANGED
@@ -1,11 +1,24 @@
1
1
  # Basic test environment.
2
2
 
3
- # blah fuck this
4
- require 'rubygems' if !defined?(Gem)
5
- require 'bundler/setup'
3
+ module HideOwnWarnings
4
+ def warn(message)
5
+ unless message.include?("EscapeUtils")
6
+ super
7
+ end
8
+ end
9
+ end
10
+ Warning.prepend(HideOwnWarnings)
6
11
 
12
+ require 'bundler/setup'
7
13
  require 'escape_utils'
8
14
 
15
+ require 'active_support'
16
+ require 'active_support/json'
17
+ require "active_support/core_ext/string/output_safety"
18
+
19
+ require 'action_view'
20
+ require 'action_view/helpers'
21
+
9
22
  # bring in minitest
10
23
  require 'minitest/autorun'
11
24
 
@@ -1,42 +1,90 @@
1
1
  require File.expand_path("../../helper", __FILE__)
2
2
 
3
- class MyCustomHtmlSafeString < String
4
- end
5
-
6
3
  class HtmlEscapeTest < Minitest::Test
4
+ MyCustomHtmlSafeString = Class.new(String)
5
+
6
+ def setup
7
+ @_previous_safe = EscapeUtils.html_secure
8
+ @_previous_class = EscapeUtils.html_safe_string_class
9
+ end
10
+
11
+ def teardown
12
+ EscapeUtils.html_secure = @_previous_safe
13
+ EscapeUtils.html_safe_string_class = @_previous_class
14
+ end
15
+
16
+ def test_escape_source_encoding_is_maintained
17
+ source = 'foobar'
18
+ str = EscapeUtils.escape_html_as_html_safe(source)
19
+ assert_equal source.encoding, str.encoding
20
+ end
21
+
22
+ def test_escape_binary_encoding_is_maintained
23
+ source = 'foobar'.b
24
+ str = EscapeUtils.escape_html_as_html_safe(source)
25
+ assert_equal source.encoding, str.encoding
26
+ end
27
+
28
+ def test_escape_uft8_encoding_is_maintained
29
+ source = 'foobar'.encode 'UTF-8'
30
+ str = EscapeUtils.escape_html_as_html_safe(source)
31
+ assert_equal source.encoding, str.encoding
32
+ end
33
+
34
+ def test_escape_us_ascii_encoding_is_maintained
35
+ source = 'foobar'.encode 'US-ASCII'
36
+ str = EscapeUtils.escape_html_as_html_safe(source)
37
+ assert_equal source.encoding, str.encoding
38
+ end
39
+
7
40
  def test_escape_basic_html_with_secure
8
- assert_equal "&lt;some_tag&#47;&gt;", EscapeUtils.escape_html("<some_tag/>")
41
+ assert_equal "&lt;some_tag/&gt;", EscapeUtils.escape_html("<some_tag/>")
9
42
 
10
- secure_before = EscapeUtils.html_secure
11
43
  EscapeUtils.html_secure = true
12
- assert_equal "&lt;some_tag&#47;&gt;", EscapeUtils.escape_html("<some_tag/>")
13
- EscapeUtils.html_secure = secure_before
44
+ assert_equal "&lt;some_tag/&gt;", EscapeUtils.escape_html("<some_tag/>")
14
45
  end
15
46
 
16
47
  def test_escape_basic_html_without_secure
17
48
  assert_equal "&lt;some_tag/&gt;", EscapeUtils.escape_html("<some_tag/>", false)
18
49
 
19
- secure_before = EscapeUtils.html_secure
20
50
  EscapeUtils.html_secure = false
21
51
  assert_equal "&lt;some_tag/&gt;", EscapeUtils.escape_html("<some_tag/>")
22
- EscapeUtils.html_secure = secure_before
23
52
  end
24
53
 
25
54
  def test_escape_double_quotes
26
- assert_equal "&lt;some_tag some_attr=&quot;some value&quot;&#47;&gt;", EscapeUtils.escape_html("<some_tag some_attr=\"some value\"/>")
55
+ assert_equal "&lt;some_tag some_attr=&quot;some value&quot;/&gt;", EscapeUtils.escape_html("<some_tag some_attr=\"some value\"/>")
27
56
  end
28
57
 
29
58
  def test_escape_single_quotes
30
- assert_equal "&lt;some_tag some_attr=&#39;some value&#39;&#47;&gt;", EscapeUtils.escape_html("<some_tag some_attr='some value'/>")
59
+ assert_equal "&lt;some_tag some_attr=&#39;some value&#39;/&gt;", EscapeUtils.escape_html("<some_tag some_attr='some value'/>")
31
60
  end
32
61
 
33
62
  def test_escape_ampersand
34
- assert_equal "&lt;b&gt;Bourbon &amp; Branch&lt;&#47;b&gt;", EscapeUtils.escape_html("<b>Bourbon & Branch</b>")
63
+ assert_equal "&lt;b&gt;Bourbon &amp; Branch&lt;/b&gt;", EscapeUtils.escape_html("<b>Bourbon & Branch</b>")
35
64
  end
36
65
 
37
- def test_returns_original_if_not_escaped
38
- str = 'foobar'
39
- assert_equal str.object_id, EscapeUtils.escape_html(str).object_id
66
+ def test_escape_html_once
67
+ {
68
+ '&<' => '&amp;&lt;',
69
+ '&amp;&lt;&x;' => '&amp;&lt;&x;',
70
+ '&amp' => '&amp;amp',
71
+ '&!;' => '&amp;!;',
72
+ '&#0;' => '&#0;',
73
+ '&#10;' => '&#10;',
74
+ '&#10' => '&amp;#10',
75
+ '&#10000000000;' => '&#10000000000;',
76
+ '&#x0;' => '&#x0;',
77
+ '&#xf0;' => '&#xf0;',
78
+ '&#xf0' => '&amp;#xf0',
79
+ '&#x;' => '&amp;#x;',
80
+ '&#xfoo;' => '&amp;#xfoo;',
81
+ '&#;' => '&amp;#;',
82
+ '&#foo;' => '&amp;#foo;',
83
+ 'foo&amp;bar' => 'foo&amp;bar',
84
+ }.each do |(input, output)|
85
+ assert_equal output, EscapeUtils.escape_html_once(input)
86
+ assert_equal output, EscapeUtils.escape_html_once_as_html_safe(input)
87
+ end
40
88
  end
41
89
 
42
90
  def test_html_safe_escape_default_works
@@ -45,27 +93,21 @@ class HtmlEscapeTest < Minitest::Test
45
93
  end
46
94
 
47
95
  def test_returns_custom_string_class
48
- klass_before = EscapeUtils.html_safe_string_class
49
96
  EscapeUtils.html_safe_string_class = MyCustomHtmlSafeString
50
97
 
51
98
  str = EscapeUtils.escape_html_as_html_safe('foobar')
52
99
  assert_equal 'foobar', str
53
100
  assert_equal MyCustomHtmlSafeString, str.class
54
101
  assert_equal true, str.instance_variable_get(:@html_safe)
55
- ensure
56
- EscapeUtils.html_safe_string_class = klass_before
57
102
  end
58
103
 
59
104
  def test_returns_custom_string_class_when_string_requires_escaping
60
- klass_before = EscapeUtils.html_safe_string_class
61
105
  EscapeUtils.html_safe_string_class = MyCustomHtmlSafeString
62
106
 
63
107
  str = EscapeUtils.escape_html_as_html_safe("<script>")
64
108
  assert_equal "&lt;script&gt;", str
65
109
  assert_equal MyCustomHtmlSafeString, str.class
66
110
  assert_equal true, str.instance_variable_get(:@html_safe)
67
- ensure
68
- EscapeUtils.html_safe_string_class = klass_before
69
111
  end
70
112
 
71
113
  def test_html_safe_string_class_descends_string
@@ -81,26 +123,8 @@ class HtmlEscapeTest < Minitest::Test
81
123
  end
82
124
  end
83
125
 
84
- if RUBY_VERSION =~ /^1.9/
85
- def test_utf8_or_ascii_input_only
86
- str = "<b>Bourbon & Branch</b>"
87
-
88
- str.force_encoding 'ISO-8859-1'
89
- assert_raises Encoding::CompatibilityError do
90
- EscapeUtils.escape_html(str)
91
- end
92
-
93
- str.force_encoding 'UTF-8'
94
- begin
95
- EscapeUtils.escape_html(str)
96
- rescue Encoding::CompatibilityError => e
97
- assert_nil e, "#{e.class.name} raised, expected not to"
98
- end
99
- end
100
-
101
- def test_return_value_is_tagged_as_utf8
102
- str = "<b>Bourbon & Branch</b>".encode('utf-8')
103
- assert_equal Encoding.find('UTF-8'), EscapeUtils.escape_html(str).encoding
104
- end
126
+ def test_return_value_is_tagged_as_utf8
127
+ str = "<b>Bourbon & Branch</b>".encode('utf-8')
128
+ assert_equal Encoding.find('UTF-8'), EscapeUtils.escape_html(str).encoding
105
129
  end
106
130
  end
@@ -23,26 +23,8 @@ class HtmlUnescapeTest < Minitest::Test
23
23
  assert_equal "&lt", EscapeUtils.unescape_html("&lt")
24
24
  end
25
25
 
26
- if RUBY_VERSION =~ /^1.9/
27
- def test_input_must_be_utf8_or_ascii
28
- escaped = EscapeUtils.escape_html("<b>Bourbon & Branch</b>")
29
-
30
- escaped.force_encoding 'ISO-8859-1'
31
- assert_raises Encoding::CompatibilityError do
32
- EscapeUtils.unescape_html(escaped)
33
- end
34
-
35
- escaped.force_encoding 'UTF-8'
36
- begin
37
- EscapeUtils.unescape_html(escaped)
38
- rescue Encoding::CompatibilityError => e
39
- assert_nil e, "#{e.class.name} raised, expected not to"
40
- end
41
- end
42
-
43
- def test_return_value_is_tagged_as_utf8
44
- escaped = EscapeUtils.escape_html("<b>Bourbon & Branch</b>")
45
- assert_equal Encoding.find('UTF-8'), EscapeUtils.unescape_html(escaped).encoding
46
- end
26
+ def test_return_value_is_tagged_as_utf8
27
+ escaped = EscapeUtils.escape_html("<b>Bourbon & Branch</b>")
28
+ assert_equal Encoding.find('UTF-8'), EscapeUtils.unescape_html(escaped).encoding
47
29
  end
48
30
  end
@@ -1,37 +1,11 @@
1
1
  require File.expand_path("../helper", __FILE__)
2
2
 
3
- class Object
4
- def html_safe?
5
- false
6
- end
7
- end
8
-
9
- class TestSafeBuffer < String
10
- def html_safe?
11
- true
12
- end
13
-
14
- def html_safe
15
- self
16
- end
17
-
18
- def to_s
19
- self
20
- end
21
- end
22
-
23
- class String
24
- def html_safe
25
- TestSafeBuffer.new(self)
26
- end
27
- end
28
-
29
3
  class HtmlEscapeTest < Minitest::Test
30
4
  include EscapeUtils::HtmlSafety
31
5
 
32
6
  def test_marks_escaped_strings_safe
33
7
  escaped = _escape_html("<strong>unsafe</strong>")
34
- assert_equal "&lt;strong&gt;unsafe&lt;&#47;strong&gt;", escaped
8
+ assert_equal "&lt;strong&gt;unsafe&lt;/strong&gt;", escaped
35
9
  assert escaped.html_safe?
36
10
  end
37
11
 
@@ -1,42 +1,75 @@
1
1
  require File.expand_path("../../helper", __FILE__)
2
2
 
3
3
  class JavascriptEscapeTest < Minitest::Test
4
+ ActiveSupport.escape_html_entities_in_json = true
5
+
6
+ module ActionViewHelper
7
+ include ActionView::Helpers::JavaScriptHelper
8
+ extend self
9
+ end
10
+
4
11
  def test_returns_empty_string_if_nil_passed
5
- assert_equal "", EscapeUtils.escape_javascript(nil)
12
+ assert_compatible nil
6
13
  end
7
14
 
8
15
  def test_quotes_and_newlines
9
- assert_equal %(This \\"thing\\" is really\\n netos\\n\\n\\'), EscapeUtils.escape_javascript(%(This "thing" is really\n netos\r\n\n'))
16
+ assert_compatible %(This "thing" is really\n netos\r\n\n')
10
17
  end
11
18
 
12
19
  def test_backslashes
13
- assert_equal %(backslash\\\\test), EscapeUtils.escape_javascript(%(backslash\\test))
20
+ assert_compatible %(backslash\\test)
14
21
  end
15
22
 
16
23
  def test_closed_html_tags
17
- assert_equal %(keep <open>, but dont <\\/close> tags), EscapeUtils.escape_javascript(%(keep <open>, but dont </close> tags))
24
+ assert_compatible %(keep <open>, but dont </close> tags)
18
25
  end
19
26
 
20
- if RUBY_VERSION =~ /^1.9/
21
- def test_input_must_be_utf8_or_ascii
22
- str = "dont </close> tags"
27
+ def test_escape_javascript
28
+ assert_compatible 123
29
+ assert_compatible :en
30
+ assert_compatible false
31
+ assert_compatible true
32
+ assert_compatible %(don't </close> tags)
33
+ assert_compatible (+%(unicode \342\200\250 newline)).force_encoding(Encoding::UTF_8).encode!
34
+ assert_compatible (+%(unicode \342\200\251 newline)).force_encoding(Encoding::UTF_8).encode!
35
+ assert_compatible %(don't </close> tags)
36
+ end
23
37
 
24
- str.force_encoding 'ISO-8859-1'
25
- assert_raises Encoding::CompatibilityError do
26
- EscapeUtils.escape_javascript(str)
27
- end
38
+ def test_escape_backtick
39
+ assert_compatible "`"
40
+ end
41
+
42
+ def test_escape_dollar_sign
43
+ assert_compatible "$"
44
+ end
28
45
 
29
- str.force_encoding 'UTF-8'
30
- begin
31
- EscapeUtils.escape_javascript(str)
32
- rescue Encoding::CompatibilityError => e
33
- assert_nil e, "#{e.class.name} raised, expected not to"
34
- end
46
+ def test_input_must_be_utf8_or_ascii
47
+ str = "dont </close> tags"
48
+
49
+ str.force_encoding Encoding::ISO_8859_1
50
+ assert_raises Encoding::CompatibilityError do
51
+ EscapeUtils.escape_javascript(str)
35
52
  end
36
53
 
37
- def test_return_value_is_tagged_as_utf8
38
- str = "dont </close> tags"
39
- assert_equal Encoding.find('UTF-8'), EscapeUtils.escape_javascript(str).encoding
54
+ str.force_encoding Encoding::UTF_8
55
+ begin
56
+ EscapeUtils.escape_javascript(str)
57
+ rescue Encoding::CompatibilityError => e
58
+ assert_nil e, "#{e.class.name} raised, expected not to"
40
59
  end
41
60
  end
61
+
62
+ def test_return_value_is_tagged_as_utf8
63
+ str = "dont </close> tags"
64
+ assert_equal Encoding::UTF_8, EscapeUtils.escape_javascript(str).encoding
65
+ end
66
+
67
+ private
68
+
69
+ def assert_compatible(src)
70
+ assert_equal(
71
+ ActionViewHelper.escape_javascript(src),
72
+ EscapeUtils.escape_javascript(src),
73
+ )
74
+ end
42
75
  end
@@ -21,26 +21,24 @@ class JavascriptUnescapeTest < Minitest::Test
21
21
  assert_equal "\\", EscapeUtils.unescape_javascript("\\")
22
22
  end
23
23
 
24
- if RUBY_VERSION =~ /^1.9/
25
- def test_input_must_be_utf8_or_ascii
26
- escaped = EscapeUtils.escape_javascript("dont </close> tags")
27
-
28
- escaped.force_encoding 'ISO-8859-1'
29
- assert_raises Encoding::CompatibilityError do
30
- EscapeUtils.unescape_javascript(escaped)
31
- end
32
-
33
- escaped.force_encoding 'UTF-8'
34
- begin
35
- EscapeUtils.unescape_javascript(escaped)
36
- rescue Encoding::CompatibilityError => e
37
- assert_nil e, "#{e.class.name} raised, expected not to"
38
- end
24
+ def test_input_must_be_utf8_or_ascii
25
+ escaped = EscapeUtils.escape_javascript("dont </close> tags")
26
+
27
+ escaped.force_encoding 'ISO-8859-1'
28
+ assert_raises Encoding::CompatibilityError do
29
+ EscapeUtils.unescape_javascript(escaped)
39
30
  end
40
31
 
41
- def test_return_value_is_tagged_as_utf8
42
- escaped = EscapeUtils.escape_javascript("dont </close> tags")
43
- assert_equal Encoding.find('UTF-8'), EscapeUtils.unescape_javascript(escaped).encoding
32
+ escaped.force_encoding 'UTF-8'
33
+ begin
34
+ EscapeUtils.unescape_javascript(escaped)
35
+ rescue Encoding::CompatibilityError => e
36
+ assert_nil e, "#{e.class.name} raised, expected not to"
44
37
  end
45
38
  end
39
+
40
+ def test_return_value_is_tagged_as_utf8
41
+ escaped = EscapeUtils.escape_javascript("dont </close> tags")
42
+ assert_equal Encoding.find('UTF-8'), EscapeUtils.unescape_javascript(escaped).encoding
43
+ end
46
44
  end
@@ -25,26 +25,8 @@ class QueryEscapeTest < Minitest::Test
25
25
  assert_equal '%E3%81%BE%E3%81%A4+%E3%82%82%E3%81%A8', EscapeUtils.escape_url(matz_name_sep)
26
26
  end
27
27
 
28
- if RUBY_VERSION =~ /^1.9/
29
- def test_input_must_be_utf8_or_ascii
30
- str = "a space"
31
-
32
- str.force_encoding 'ISO-8859-1'
33
- assert_raises Encoding::CompatibilityError do
34
- EscapeUtils.escape_url(str)
35
- end
36
-
37
- str.force_encoding 'UTF-8'
38
- begin
39
- EscapeUtils.escape_url(str)
40
- rescue Encoding::CompatibilityError => e
41
- assert_nil e, "#{e.class.name} raised, expected not to"
42
- end
43
- end
44
-
45
- def test_return_value_is_tagged_as_utf8
46
- str = "a+space"
47
- assert_equal Encoding.find('UTF-8'), EscapeUtils.escape_url(str).encoding
48
- end
28
+ def test_return_value_is_tagged_as_utf8
29
+ str = "a+space"
30
+ assert_equal Encoding.find('UTF-8'), EscapeUtils.escape_url(str).encoding
49
31
  end
50
32
  end
@@ -20,33 +20,15 @@ class QueryUnescapeTest < Minitest::Test
20
20
 
21
21
  def test_url_containing_multibyte_characters
22
22
  matz_name = "\xE3\x81\xBE\xE3\x81\xA4\xE3\x82\x82\xE3\x81\xA8" # Matsumoto
23
- matz_name.force_encoding('UTF-8') if matz_name.respond_to?(:force_encoding)
23
+ matz_name.force_encoding('UTF-8')
24
24
  assert_equal matz_name, EscapeUtils.unescape_url('%E3%81%BE%E3%81%A4%E3%82%82%E3%81%A8')
25
25
  matz_name_sep = "\xE3\x81\xBE\xE3\x81\xA4 \xE3\x82\x82\xE3\x81\xA8" # Matsu moto
26
- matz_name_sep.force_encoding('UTF-8') if matz_name_sep.respond_to?(:force_encoding)
26
+ matz_name_sep.force_encoding('UTF-8')
27
27
  assert_equal matz_name_sep, EscapeUtils.unescape_url('%E3%81%BE%E3%81%A4+%E3%82%82%E3%81%A8')
28
28
  end
29
29
 
30
- if RUBY_VERSION =~ /^1.9/
31
- def test_input_must_be_valid_utf8_or_ascii
32
- escaped = EscapeUtils.unescape_url("a+space")
33
-
34
- escaped.force_encoding 'ISO-8859-1'
35
- assert_raises Encoding::CompatibilityError do
36
- EscapeUtils.unescape_url(escaped)
37
- end
38
-
39
- escaped.force_encoding 'UTF-8'
40
- begin
41
- EscapeUtils.unescape_url(escaped)
42
- rescue Encoding::CompatibilityError => e
43
- assert_nil e, "#{e.class.name} raised, expected not to"
44
- end
45
- end
46
-
47
- def test_return_value_is_tagged_as_utf8
48
- escaped = EscapeUtils.escape_url("a space")
49
- assert_equal Encoding.find('UTF-8'), EscapeUtils.unescape_url(escaped).encoding
50
- end
30
+ def test_return_value_is_tagged_as_utf8
31
+ escaped = EscapeUtils.escape_url("a space")
32
+ assert_equal Encoding.find('UTF-8'), EscapeUtils.unescape_url(escaped).encoding
51
33
  end
52
34
  end
@@ -5,7 +5,7 @@ class UriEscapeTest < Minitest::Test
5
5
  def test_uri_stdlib_compatibility
6
6
  (0..127).each do |i|
7
7
  c = i.chr
8
- assert_equal URI.escape(c), EscapeUtils.escape_uri(c)
8
+ assert_equal URI::DEFAULT_PARSER.escape(c), EscapeUtils.escape_uri(c)
9
9
  end
10
10
  end
11
11
 
@@ -33,26 +33,24 @@ class UriEscapeTest < Minitest::Test
33
33
  assert_equal "a/slash", EscapeUtils.escape_uri("a/slash")
34
34
  end
35
35
 
36
- if RUBY_VERSION =~ /^1.9/
37
- def test_input_must_be_utf8_or_ascii
38
- str = "fo<o>bar"
36
+ def test_input_must_be_utf8_or_ascii
37
+ str = "fo<o>bar"
39
38
 
40
- str.force_encoding 'ISO-8859-1'
41
- assert_raises Encoding::CompatibilityError do
42
- EscapeUtils.escape_uri(str)
43
- end
44
-
45
- str.force_encoding 'UTF-8'
46
- begin
47
- EscapeUtils.escape_uri(str)
48
- rescue Encoding::CompatibilityError => e
49
- assert_nil e, "#{e.class.name} raised, expected not to"
50
- end
39
+ str.force_encoding 'ISO-8859-1'
40
+ assert_raises Encoding::CompatibilityError do
41
+ EscapeUtils.escape_uri(str)
51
42
  end
52
43
 
53
- def test_return_value_is_tagged_as_utf8
54
- str = "fo<o>bar"
55
- assert_equal Encoding.find('UTF-8'), EscapeUtils.escape_uri(str).encoding
44
+ str.force_encoding 'UTF-8'
45
+ begin
46
+ EscapeUtils.escape_uri(str)
47
+ rescue Encoding::CompatibilityError => e
48
+ assert_nil e, "#{e.class.name} raised, expected not to"
56
49
  end
57
50
  end
51
+
52
+ def test_return_value_is_tagged_as_utf8
53
+ str = "fo<o>bar"
54
+ assert_equal Encoding.find('UTF-8'), EscapeUtils.escape_uri(str).encoding
55
+ end
58
56
  end
@@ -23,10 +23,10 @@ class UriUnescapeTest < Minitest::Test
23
23
 
24
24
  def test_uri_containing_multibyte_charactes
25
25
  matz_name = "\xE3\x81\xBE\xE3\x81\xA4\xE3\x82\x82\xE3\x81\xA8" # Matsumoto
26
- matz_name.force_encoding('UTF-8') if matz_name.respond_to?(:force_encoding)
26
+ matz_name.force_encoding('UTF-8')
27
27
  assert_equal matz_name, EscapeUtils.unescape_uri('%E3%81%BE%E3%81%A4%E3%82%82%E3%81%A8')
28
28
  matz_name_sep = "\xE3\x81\xBE\xE3\x81\xA4 \xE3\x82\x82\xE3\x81\xA8" # Matsu moto
29
- matz_name_sep.force_encoding('UTF-8') if matz_name_sep.respond_to?(:force_encoding)
29
+ matz_name_sep.force_encoding('UTF-8')
30
30
  assert_equal matz_name_sep, EscapeUtils.unescape_uri('%E3%81%BE%E3%81%A4%20%E3%82%82%E3%81%A8')
31
31
  end
32
32
 
@@ -41,26 +41,24 @@ class UriUnescapeTest < Minitest::Test
41
41
  end
42
42
  end
43
43
 
44
- if RUBY_VERSION =~ /^1.9/
45
- def test_input_must_be_valid_utf8_or_ascii
46
- escaped = EscapeUtils.escape_uri("fo<o>bar")
44
+ def test_input_must_be_valid_utf8_or_ascii
45
+ escaped = EscapeUtils.escape_uri("fo<o>bar")
47
46
 
48
- escaped.force_encoding 'ISO-8859-1'
49
- assert_raises Encoding::CompatibilityError do
50
- EscapeUtils.unescape_uri(escaped)
51
- end
52
-
53
- escaped.force_encoding 'UTF-8'
54
- begin
55
- EscapeUtils.unescape_uri(escaped)
56
- rescue Encoding::CompatibilityError => e
57
- assert_nil e, "#{e.class.name} raised, expected not to"
58
- end
47
+ escaped.force_encoding 'ISO-8859-1'
48
+ assert_raises Encoding::CompatibilityError do
49
+ EscapeUtils.unescape_uri(escaped)
59
50
  end
60
51
 
61
- def test_return_value_is_tagged_as_utf8
62
- escaped = EscapeUtils.escape_uri("a space")
63
- assert_equal Encoding.find('UTF-8'), EscapeUtils.unescape_uri(escaped).encoding
52
+ escaped.force_encoding 'UTF-8'
53
+ begin
54
+ EscapeUtils.unescape_uri(escaped)
55
+ rescue Encoding::CompatibilityError => e
56
+ assert_nil e, "#{e.class.name} raised, expected not to"
64
57
  end
65
58
  end
59
+
60
+ def test_return_value_is_tagged_as_utf8
61
+ escaped = EscapeUtils.escape_uri("a space")
62
+ assert_equal Encoding.find('UTF-8'), EscapeUtils.unescape_uri(escaped).encoding
63
+ end
66
64
  end