haml-edge 2.3.67 → 2.3.68

data/EDGE_GEM_VERSION

@@ -1 +1 @@
-2.3.67
+2.3.68

data/VERSION

@@ -1 +1 @@
-2.3.67
+2.3.68

data/lib/haml/engine.rb

@@ -110,7 +110,6 @@ module Haml
       @precompiled = ''
       @to_merge = []
       @tab_change  = 0
-      @temp_count = 0
 
       precompile
     rescue Haml::Error => e
@@ -179,15 +178,13 @@ module Haml
         @haml_buffer = buffer
       end
 
-      str = eval(precompiled + ";" + precompiled_method_return_value,
+      eval(precompiled + ";" + precompiled_method_return_value,
         scope, @options[:filename], @options[:line])
-
+    ensure
       # Get rid of the current buffer
       scope_object.instance_eval do
         @haml_buffer = buffer.upper
       end
-
-      str
     end
     alias_method :to_html, :render
 

data/lib/haml/helpers/xss_mods.rb

@@ -17,8 +17,9 @@ module Haml
       # Don't escape text that's already safe,
       # output is always HTML safe
       def html_escape_with_haml_xss(text)
-        return text if text.html_safe?
-        html_escape_without_haml_xss(text).html_safe!
+        str = text.to_s
+        return text if str.html_safe?
+        html_escape_without_haml_xss(str).html_safe!
       end
 
       # Output is always HTML safe

data/lib/haml/precompiler.rb

@@ -92,14 +92,17 @@ module Haml
     # Returns the precompiled string with the preamble and postamble
     def precompiled_with_ambles(local_names)
       preamble = <<END.gsub("\n", ";")
+begin
 extend Haml::Helpers
 _hamlout = @haml_buffer = Haml::Buffer.new(@haml_buffer, #{options_for_buffer.inspect})
 _erbout = _hamlout.buffer
 __in_erb_template = true
 END
       postamble = <<END.gsub("\n", ";")
-@haml_buffer = @haml_buffer.upper
 #{precompiled_method_return_value}
+ensure
+@haml_buffer = @haml_buffer.upper
+end
 END
       preamble + locals_code(local_names) + precompiled + postamble
     end
@@ -1005,29 +1008,31 @@ END
 
     def resolve_newlines
       return unless @newlines > 0
+      flush_merged_text unless @to_merge.all? {|type, *_| type == :text}
       @precompiled << "\n" * @newlines
       @newlines = 0
     end
 
     # Get rid of and whitespace at the end of the buffer
     # or the merged text
-    def rstrip_buffer!
-      if @to_merge.empty?
+    def rstrip_buffer!(index = -1)
+      last = @to_merge[index]
+      if last.nil?
         push_silent("_hamlout.rstrip!", false)
         @dont_tab_up_next_text = true
         return
       end
 
-      last = @to_merge.last
       case last.first
       when :text
         last[1].rstrip!
         if last[1].empty?
-          @to_merge.pop
-          rstrip_buffer!
+          @to_merge.slice! index
+          rstrip_buffer! index
         end
       when :script
         last[1].gsub!(/\(haml_temp, (.*?)\);$/, '(haml_temp.rstrip, \1);')
+        rstrip_buffer! index - 1
       else
         raise SyntaxError.new("[HAML BUG] Undefined entry in Haml::Precompiler@to_merge.")
       end

data/test/haml/engine_test.rb

@@ -72,6 +72,7 @@ class EngineTest < Test::Unit::TestCase
     "/ foo\n\n  bar" => ["Illegal nesting: nesting within a tag that already has content is illegal.", 3],
     "!!!\n\n  bar" => ["Illegal nesting: nesting within a header command is illegal.", 3],
     "foo\n:ruby\n  1\n  2\n  3\n- raise 'foo'" => ["foo", 6],
+    "= raise 'foo'\nfoo\nbar\nbaz\nbang" => ["foo", 1],
   }
 
   User = Struct.new('User', :id)
@@ -338,6 +339,18 @@ HTML
 HAML
   end
 
+  def test_outer_whitespace_nuke_with_empty_script
+    assert_equal(<<HTML, render(<<HAML))
+<p>
+  foo<a></a></p>
+HTML
+%p
+  foo
+  = "  "
+  %a>
+HAML
+  end
+
   def test_both_case_indentation_work_with_deeply_nested_code
     result = <<RESULT
 <h2>
@@ -973,6 +986,32 @@ END
     assert_equal("FOO\n", engine("= upcase").render_proc("foo".instance_eval{binding}).call)
   end
 
+  def test_haml_buffer_gets_reset_even_with_exception
+    scope = Object.new
+    render("- raise Haml::Error", :scope => scope)
+    assert(false, "Expected exception")
+  rescue Exception
+    assert_nil(scope.send(:haml_buffer))
+  end
+
+  def test_def_method_haml_buffer_gets_reset_even_with_exception
+    scope = Object.new
+    engine("- raise Haml::Error").def_method(scope, :render)
+    scope.render
+    assert(false, "Expected exception")
+  rescue Exception
+    assert_nil(scope.send(:haml_buffer))
+  end
+
+  def test_render_proc_haml_buffer_gets_reset_even_with_exception
+    scope = Object.new
+    proc = engine("- raise Haml::Error").render_proc(scope)
+    proc.call
+    assert(false, "Expected exception")
+  rescue Exception
+    assert_nil(scope.send(:haml_buffer))
+  end
+
   def test_ugly_true
     assert_equal("<div id='outer'>\n<div id='inner'>\n<p>hello world</p>\n</div>\n</div>\n",
                  render("#outer\n  #inner\n    %p hello world", :ugly => true))

data/test/haml/template_test.rb

@@ -284,5 +284,9 @@ END
     def test_rendered_string_is_html_safe_with_action_view
       assert(render("Foo", :action_view).html_safe?)
     end
+
+    def test_xss_html_escaping_with_non_strings
+      assert_equal("4\n", render("= html_escape(4)"))
+    end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: haml-edge
 version: !ruby/object:Gem::Version 
-  version: 2.3.67
+  version: 2.3.68
 platform: ruby
 authors: 
 - Nathan Weizenbaum
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-10-31 00:00:00 -04:00
+date: 2009-11-03 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -44,8 +44,8 @@ extensions: []
 
 extra_rdoc_files: 
 - README.md
-- REVISION
 - VERSION
+- REVISION
 - VERSION_NAME
 - CONTRIBUTING
 - MIT-LICENSE
@@ -262,8 +262,8 @@ files:
 - init.rb
 - .yardopts
 - README.md
-- REVISION
 - VERSION
+- REVISION
 - VERSION_NAME
 - CONTRIBUTING
 - MIT-LICENSE