RubyGems - iron-web - Versions diffs - 1.1.4 → 1.1.5 - Mend

iron-web 1.1.4 → 1.1.5

Files changed (9) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 00c2913b0e8c2f1c4288fa0347479ab0a2c59110
-  data.tar.gz: 441104bad18999b0ab9a67bfd2aeb24cfbe7129d
+  metadata.gz: e0ae26b5b55908940fb087539868211db2c4fe87
+  data.tar.gz: 7a48ab544ab37e93db0d321025e8de437561f26b
 SHA512:
-  metadata.gz: b96b862474e5c7dfd82f391f3b3da67b7091a63e7147821ae846ead32c8d05b5791a32df3ae7805364b438edbef10698837f305e215b4d1e9ae097a2982bc368
-  data.tar.gz: 3d7e0c45982b7a365437a107ab9cde7a7bcb427f1378ac03c3eb3ff3da5e97293f9f2246dccab1856b6ecb1745e2153752d8b3085b2dd45fd121a5ca285fccbe
+  metadata.gz: 70a20cfa63fe5d761ce8f7435a6d41d7e448d7410804c654f16e5bc7d5418abc4e23613e72e172cbcd0429dbc4998fdad8ea8295626291cae0d59c6b8c2c9545
+  data.tar.gz: f33c36381b5babc95a9b4410368ce6a92fc19d747981712826b8399558fce5602eea16cf51d36487754dc343714ec6c192c0d04f62b358d6c1f037f0c6fa4296

data/History.txt CHANGED

@@ -1,3 +1,8 @@
+== 1.1.5 / 2015-09-08
+* Remove requirement to require 'iron/web' instead of more obvious 'iron-web'
+* Add Html.escape_javascript to help with building javascript attributes like onclick
 == 1.1.4 / 2015-01-27
 * Update to use latest iron-extensions gem

data/README.rdoc CHANGED

@@ -53,7 +53,7 @@ A set of classes useful in the generation of HTML content.
 To use:
-    require 'iron/web'
+    require 'iron-web'
 Sample usage of all components:
@@ -78,7 +78,7 @@ Which would result in:
     <a href="http://irongaze.com#incoming">Say hello to my log file</a>
 Notice the darkened and correctly formatted CSS color value and the newly fragment-ized url.
-HTML elements are build by calling their tag name on the Html instance.  Similarly, element
+HTML elements are built by calling their tag name on the Html instance.  Similarly, element
 attributes are added by calling the attribute's name on the element instance, or by simply
 setting them during construction.

data/Version.txt CHANGED

	@@ -1 +1 @@
1	- 1.1.4
1	+ 1.1.5

data/lib/iron-web.rb ADDED

	@@ -0,0 +1 @@
1	+ require 'iron/web'

data/lib/iron/web/html.rb CHANGED

@@ -13,10 +13,12 @@ require 'iron/web/html/element'
 #     html.em('HTML is neat!')
 #   }
 # end
+#
 class Html
   # Constants
   HTML_ESCAPE = {"&"=>"&amp;", ">"=>"&gt;", "<"=>"&lt;", "\""=>"&quot;"}.freeze
+  JS_ESCAPE = {'\\' => '\\\\', '</' => '<\/', "\r\n" => '\n', "\n" => '\n', "\r" => '\n', '"' => '\\"', "'" => "\\'"}.freeze
   # Remove everything that would normally come from Object and Kernel etc. so our keys can be anything
   instance_methods.each do |m|
@@ -35,12 +37,41 @@ class Html
     builder.render.html_safe
   end
+  # The escape methods #escape_once and #escape_javascript are both taken from Rails, which like this library is MIT
+  # licensed.  The following license statement applies to those two methods and the constants they reference.  Thanks
+  # Rails team!
+  #
+  # Copyright © 2004-2013 David Heinemeier Hansson
+  # Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
+  # documentation files (the “Software”), to deal in the Software without restriction, including without limitation
+  # the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and
+  # to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+  #
+  # The above copyright notice and this permission notice shall be included in all copies or substantial portions
+  # of the Software.
+  #
+  # THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
+  # TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+  # THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
+  # CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+  # DEALINGS IN THE SOFTWARE.
+  #
   # Ripped from Rails...
   def self.escape_once(html)
     return html if html.html_safe?
     html.to_s.gsub(/[\"><]|&(?!([a-zA-Z]+|(#\d+));)/) { |special| HTML_ESCAPE[special] }.html_safe
   end
+  # And again, thanks Rails team!
+  def self.escape_javascript(js)
+    if js
+      res = js.gsub(/(\|<\/|\r\n|\342\200\250|\342\200\251|[\n\r"'])/u) {|special| JS_ESCAPE[special] }
+      js.html_safe? ? res.html_safe : res
+    else
+      ''
+    end
+  end
   # Sets up internal state, natch, and accepts a block that customizes the resulting object.
   def initialize
     @items = []

data/spec/spec_helper.rb CHANGED

@@ -4,6 +4,6 @@ require File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib', 'iron',
 RSpec.configure do |config|
   #config.add_formatter 'documentation'
   config.color = true
-  config.backtrace_clean_patterns = [/rspec/]
+  config.backtrace_exclusion_patterns = [/rspec/]
 end

data/spec/web/html_spec.rb CHANGED

@@ -17,4 +17,16 @@ describe Html do
     end.should == "<!-- Important stuff -->\n\n<h1>\n  Da header\n</h1>\n"
   end
+  it 'should escape javascript' do
+    {
+      'abc' => 'abc',
+      nil => '',
+      'a "quote"' => 'a \\"quote\\"',
+      "single's quotin'" => "single\\'s quotin\\'",
+      "abc\r\n123" => 'abc\n123'
+    }.each_pair do |src, res|
+      Html.escape_javascript(src).should == res
+    end
+  end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: iron-web
 version: !ruby/object:Gem::Version
-  version: 1.1.4
+  version: 1.1.5
 platform: ruby
 authors:
 - Rob Morris
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-01-28 00:00:00.000000000 Z
+date: 2015-09-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: iron-extensions
@@ -51,6 +51,7 @@ files:
 - LICENSE
 - README.rdoc
 - Version.txt
+- lib/iron-web.rb
 - lib/iron/web.rb
 - lib/iron/web/color.rb
 - lib/iron/web/html.rb