generic_form_builder 0.7.1 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,15 +1,15 @@
1
1
  ---
2
2
  !binary "U0hBMQ==":
3
3
  metadata.gz: !binary |-
4
- YjM0NWIyMWUzZDY2ODZhMjEyZWRmMmVhNTAxZTY5M2Q3ZTgyMTc3ZA==
4
+ N2YzMzFiMmU1MzM1ZWJjMzYyZDk5NWMxYzlhZjRjODI3MzhjYTEyOA==
5
5
  data.tar.gz: !binary |-
6
- MDNkMWJkY2JjMjlhNzMyZGQ1OTEyYmQzYmE0NDRmOTgxNTFiNTY0OA==
6
+ YjdhMWE0YmJlYjk3YTQwNjNlZmEwYTI4MzY4MzQ4MDA3MzFiMjRmNg==
7
7
  SHA512:
8
8
  metadata.gz: !binary |-
9
- M2FlMmM2YWExMzBmZDY4MTJkZmJmMjczOGRjNmRjZjRlYmMwZmM3NjkzM2Fl
10
- YzIzNzUyNjc2M2I1Y2MzZmNkMDRiOWUwYzA0NDQxNTQzZTEzMjMzZWY1MDA4
11
- Y2IxZjE4MjdiYmRlZWMwOWI2MzY1NWQ5OTFjNDIzZmQzZjYxZDY=
9
+ ZDk2Y2QzZTc2NzliNjM3NzkzOGQ0ZmRlNDJlNWM2YzJjNmQxODA3ZDFhYjE1
10
+ YTA3NzM2ZWQxY2Q4ZDczODg5NTI4ZTkwMjhmMzQxMTI5MjQzZWFkYjFlNGMz
11
+ MWZjYThkMjcwYTE1OWRjNDc0MDAzZWE1MGIxOWQ2OTZhOGQ1OWE=
12
12
  data.tar.gz: !binary |-
13
- NzgzZDUyMzY0MzI3YTRkZmViYmE2MmU4NjU0ZGJjMmRkMjA5MmM0MWY3Zjhl
14
- ZmM3NGRmODliNWRlY2JkMTQzYjRmMGY5ZGIyZTM2ZDljNzBhNjBkYWZjYTdj
15
- YmNkZTFkYmRmMjk3ZjY4NWM0ODBiOTdjYjY2ZWI5ZTEwY2E0ZmU=
13
+ ZWIzN2VkMDc1MTlhZTQ5M2FlZTE0MTFjOTBlOTlmMjg5NDczNzBiODhhYzYw
14
+ NjhkNTZhODUwZjdjYTBjNjZiZjgzMzAwZGY0OTEzN2ZiNzY2MWExNzJiODVm
15
+ NGRmYmRiMTE1OGM3Y2FlZjgyOWVkY2M1YThjYTcxZWQxZTg3OTc=
data/README.md CHANGED
@@ -12,3 +12,9 @@ This is a "generic" form builder because it covers most cases and is a starting
12
12
 
13
13
  If there's something missing that you think might be relevant to the wider world by all means put in a pull request,
14
14
  otherwise subclass the generic builder with your own domain specific additions.
15
+
16
+ ## XSS WARNING
17
+
18
+ In order to facilitate fancier notes and inline errors, all output from these helpers are considered HTML safe and will not be escaped.
19
+
20
+ DO NOT send any user input of any kind into the extra options (`note`, `label` etc) or you will be at risk of various attacks.
@@ -1,7 +1,7 @@
1
1
  # -*- encoding: utf-8 -*-
2
2
  Gem::Specification.new do |s|
3
3
  s.name = "generic_form_builder"
4
- s.version = '0.7.1'
4
+ s.version = '0.8.0'
5
5
  s.platform = Gem::Platform::RUBY
6
6
  s.authors = ["Elliot Crosby-McCullough", "George Brocklehurst", "Elise Huard", "Tom Stuart"]
7
7
  s.email = ["elliot.cm@gmail.com"]
@@ -19,11 +19,11 @@ class GenericFormBuilder < ActionView::Helpers::FormBuilder
19
19
  html_options = {}
20
20
 
21
21
  if any_errors?(field)
22
- errors = ' '+errors_text(field)
22
+ errors = ' '+content_tag(:span, errors_text(field), :class => "error")
23
23
  html_options.merge!('class' => 'errors')
24
24
  end
25
25
 
26
- content_tag(:p, label(field, "#{options[:label] || field.to_s.humanize}#{errors}") + note + super(field, options, *args) + button.try(:html_safe), html_options)
26
+ content_tag(:p, label(field, "#{options[:label] || field.to_s.humanize}#{errors}".try(:html_safe)) + note + super(field, options, *args) + button.try(:html_safe), html_options)
27
27
  end
28
28
  end
29
29
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: generic_form_builder
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.1
4
+ version: 0.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Elliot Crosby-McCullough
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2014-02-14 00:00:00.000000000 Z
14
+ date: 2014-02-19 00:00:00.000000000 Z
15
15
  dependencies: []
16
16
  description:
17
17
  email: