RubyGems - metamagic - Versions diffs - 3.1.1 → 3.1.2 - Mend

metamagic 3.1.1 → 3.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +4 -0
data/lib/metamagic/tag.rb +4 -4
data/lib/metamagic/tags/meta_tag.rb +1 -1
data/lib/metamagic/tags/title_tag.rb +1 -1
data/lib/metamagic/version.rb +1 -1
data/test/meta_tag_test.rb +14 -0
data/test/metamagic_test.rb +7 -0
data/test/title_tag_test.rb +42 -0
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5339c62a7823d6648e9df00ece50ef96c63ae8e8
-  data.tar.gz: 2d520fb7ef485717ff88f0a839ca39f010592a73
+  metadata.gz: 3785bc6edacf42b58b3da6a84e82067f9c740ac8
+  data.tar.gz: 45c1275787928af7cf48adbc35e4035c55d0558f
 SHA512:
-  metadata.gz: 6c30629cae86fd8fbeaddfeca49d2ac19c05678541d9bfc75e3ed702cfbd9ca90ff4db26bbbeff3bef5e31d436aad198bd46f8bbbb9d5723322f22ef8c8fe50a
-  data.tar.gz: 372ce9d3f776f2fea1dfc42bdee3e9fe85a65d645c4a54ddc4243d392dd1bb06c1b52b1b6aa804b1b1e98cecd679725ab7eaabb5b260a5801d844386615bb341
+  metadata.gz: 4b15f67940db99c9a8a637094df1d87f85ae088d7f8a9c613ec095f636b813d8137a70d535ada796518301c2d2d2a41c12fe38698f8761a4ac8d63056a53f36d
+  data.tar.gz: 8f4bb4af01686c7adce5374216ebb9322c62ea7d31696962c8b22b3bf76e304b4802f6d6fdd9fa87d77b09135692183a5adcaaa759c86ea735190653c135c1a9

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,9 @@
 # Changelog
+## Version 3.1.2
+* Add HTML safety handling.
 ## Version 3.1.1
 * Adds support for specifying templates on all tag types.

data/lib/metamagic/tag.rb CHANGED Viewed

@@ -31,13 +31,13 @@ module Metamagic
         when Symbol
           send(template)
         when String
-          template.gsub(/:\w+/) do |key|
-            send(key[1..-1])
-          end
+          ERB::Util.html_escape(template).gsub(/:\w+/) do |key|
+            ERB::Util.html_escape(send(key[1..-1]))
+          end.html_safe
         else
           raise "Unknown template type #{template.class}."
         end
-      end.flatten.compact.uniq
+      end.flatten.compact.uniq.map { |value| ERB::Util.html_escape(value) }
     end
     def ==(other)

data/lib/metamagic/tags/meta_tag.rb CHANGED Viewed

@@ -2,7 +2,7 @@ module Metamagic
   class MetaTag < Tag
     def to_html
       return if interpolated_values.empty?
-      tag(:meta, name: key, content: interpolated_values.join(", "))
+      tag(:meta, name: key, content: interpolated_values.join(", ").html_safe)
     end
     def sort_order

data/lib/metamagic/tags/title_tag.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 module Metamagic
   class TitleTag < Tag
     def to_html
-      content_tag(:title, interpolated_values.join(separator)) if interpolated_values.any?
+      content_tag(:title, interpolated_values.join(separator).html_safe) if interpolated_values.any?
     end
     def sort_order

data/lib/metamagic/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Metamagic
-  VERSION = "3.1.1"
+  VERSION = "3.1.2"
 end

data/test/meta_tag_test.rb CHANGED Viewed

@@ -76,4 +76,18 @@ class MetaTagTest < ActionView::TestCase
     assert_equal %{<meta content="added, keywords, default, from, layout" name="keywords" />},
                  metamagic(keywords: [:keywords, "added", "default", "keywords", "from", "layout"])
   end
+  test "html safe keywords" do
+    keywords ["one", "two &rarr; test".html_safe, "three"]
+    assert_equal %{<meta content="one, two &rarr; test, three" name="keywords" />},
+                 metamagic
+  end
+  test "html unsafe keywords" do
+    keywords ["one", "two &rarr; test", "three"]
+    assert_equal %{<meta content="one, two &amp;rarr; test, three" name="keywords" />},
+                 metamagic
+  end
 end

data/test/metamagic_test.rb CHANGED Viewed

@@ -51,6 +51,13 @@ class MetamagicTest < ActionView::TestCase
                  metamagic
   end
+  test "not adding templates from views" do
+    title "This is a :nonexistent_key"
+    assert_equal %{<title>This is a :nonexistent_key</title>},
+                 metamagic
+  end
   test "sorting tags" do
     twitter card: :summary
     og image: "http://test.com/image.png"

data/test/title_tag_test.rb CHANGED Viewed

@@ -79,6 +79,48 @@ class TitleTagTest < ActionView::TestCase
                  metamagic(site: "My Site", title: -> { meta_title_for(site, title) })
   end
+  test "html safe titles" do
+    title "My Site &rarr; Test".html_safe
+    assert_equal %{<title>My Site &rarr; Test</title>},
+                 metamagic
+  end
+  test "html safe titles in template" do
+    title "Test &rarr; Test".html_safe
+    assert_equal %{<title>Test &rarr; Test - My Site</title>},
+                 metamagic(title: ":title - :site", site: "My Site")
+  end
+  test "html unsafe titles" do
+    title "My Site &rarr; Test"
+    assert_equal %{<title>My Site &amp;rarr; Test</title>},
+                 metamagic
+  end
+  test "html unsafe titles in template" do
+    title "Test &rarr; Test"
+    assert_equal %{<title>Test &amp;rarr; Test - My Site</title>},
+                 metamagic(title: ":title - :site", site: "My Site")
+  end
+  test "html safe title template" do
+    title "Test Title"
+    assert_equal %{<title>Test Title &rarr; My Site</title>},
+                 metamagic(title: ":title &rarr; :site".html_safe, site: "My Site")
+  end
+  test "html unsafe title template" do
+    title "Test Title"
+    assert_equal %{<title>Test Title &amp;rarr; My Site</title>},
+                 metamagic(title: ":title &rarr; :site", site: "My Site")
+  end
   test "deprecated title_template option" do
     title "Test Title"

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: metamagic
 version: !ruby/object:Gem::Version
-  version: 3.1.1
+  version: 3.1.2
 platform: ruby
 authors:
 - Lasse Bunk