phlex 1.5.3 → 1.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cb9f666a03a35cd5769f6a7fb559665f829997ad2d4267997512a21199091eee
-  data.tar.gz: 0e4e313a93f0ad010dccf984ebce586dfbe5c72cf10bec0a101c2a8f83d0af9b
+  metadata.gz: eeac8033b47d1e0cf99832bc7a42a7777ca44643dd503f3cb08087666b08d4f7
+  data.tar.gz: 6f7e786e982dcc9133c40179d4bb582d9d45bb610814020e916a2afbf17cb0d0
 SHA512:
-  metadata.gz: 3b2bdd2072778140464602492e213af01dcfd6b780ff8a92b21384ac31205e7c2b3ed767222e431a8e3983c9fe4483cea6494800c02979abee3617a0c89dee80
-  data.tar.gz: '059c2b94fc6c38a55997d5e9479c64f56bd43d0d9566647584f54c54728cb84924c88a910bb2acb7093ffd3746c1215e1b6f6c257b7ab02de7c821e19c06fc28'
+  metadata.gz: 037caf900c1155b1e9095588a30dff67a7f224b6e16365d417dc7412e34822cb1368a194a4e48de65c20a838b91f671e7e53fca7a0f0e973852d84ebc7c03d3c
+  data.tar.gz: 85ad16185650ff8aa04831c745ac6709ae35913863af0fef5a70d671d75dbbdf389005db6480cb5c4533ad9e3106379cb6aa2015b64194ca78a2dd8b61cd3993

data/.ruby-version

@@ -1 +1 @@
-3.3.0
+3.2.1

data/lib/phlex/context.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+class Phlex::Context
+	def initialize
+		@target = +""
+	end
+
+	attr_accessor :target
+
+	def with_target(new_target)
+		original_target = @target
+
+		begin
+			@target = new_target
+			yield
+		ensure
+			@target = original_target
+		end
+
+		new_target
+	end
+end

data/lib/phlex/elements.rb

@@ -20,19 +20,19 @@ module Phlex::Elements
 			def __phlex_#{element}__(**attributes, &block)
 				if attributes.length > 0 # with attributes
 					if block_given? # with content block
-						@_target << "<#{tag}" << (Phlex::ATTRIBUTE_CACHE[respond_to?(:process_attributes) ? (attributes.hash + self.class.hash) : attributes.hash] || __attributes__(**attributes)) << ">"
+						@_context.target << "<#{tag}" << (Phlex::ATTRIBUTE_CACHE[respond_to?(:process_attributes) ? (attributes.hash + self.class.hash) : attributes.hash] || __attributes__(**attributes)) << ">"
 						yield_content(&block)
-						@_target << "</#{tag}>"
+						@_context.target << "</#{tag}>"
 					else # without content block
-						@_target << "<#{tag}" << (Phlex::ATTRIBUTE_CACHE[respond_to?(:process_attributes) ? (attributes.hash + self.class.hash) : attributes.hash] || __attributes__(**attributes)) << "></#{tag}>"
+						@_context.target << "<#{tag}" << (Phlex::ATTRIBUTE_CACHE[respond_to?(:process_attributes) ? (attributes.hash + self.class.hash) : attributes.hash] || __attributes__(**attributes)) << "></#{tag}>"
 					end
 				else # without attributes
 					if block_given? # with content block
-						@_target << "<#{tag}>"
+						@_context.target << "<#{tag}>"
 						yield_content(&block)
-						@_target << "</#{tag}>"
+						@_context.target << "</#{tag}>"
 					else # without content block
-						@_target << "<#{tag}></#{tag}>"
+						@_context.target << "<#{tag}></#{tag}>"
 					end
 				end
 
@@ -53,9 +53,9 @@ module Phlex::Elements
 
 			def __phlex_#{element}__(**attributes)
 				if attributes.length > 0 # with attributes
-					@_target << "<#{tag}" << (Phlex::ATTRIBUTE_CACHE[respond_to?(:process_attributes) ? (attributes.hash + self.class.hash) : attributes.hash] || __attributes__(**attributes)) << ">"
+					@_context.target << "<#{tag}" << (Phlex::ATTRIBUTE_CACHE[respond_to?(:process_attributes) ? (attributes.hash + self.class.hash) : attributes.hash] || __attributes__(**attributes)) << ">"
 				else # without attributes
-					@_target << "<#{tag}>"
+					@_context.target << "<#{tag}>"
 				end
 
 				nil

data/lib/phlex/html.rb

@@ -25,7 +25,7 @@ module Phlex
 
 		# Output an HTML doctype.
 		def doctype
-			@_target << "<!DOCTYPE html>"
+			@_context.target << "<!DOCTYPE html>"
 			nil
 		end
 

data/lib/phlex/sgml.rb

@@ -34,21 +34,21 @@ module Phlex
 		end
 
 		# Renders the view and returns the buffer. The default buffer is a mutable String.
-		def call(buffer = nil, target: +"", view_context: nil, parent: nil, &block)
-			__final_call__(buffer, target: target, view_context: view_context, parent: parent, &block).tap do
+		def call(buffer = nil, context: Phlex::Context.new, view_context: nil, parent: nil, &block)
+			__final_call__(buffer, context: context, view_context: view_context, parent: parent, &block).tap do
 				self.class.rendered_at_least_once!
 			end
 		end
 
 		# @api private
-		def __final_call__(buffer = nil, target: +"", view_context: nil, parent: nil, &block)
-			@_target = target
+		def __final_call__(buffer = nil, context: Phlex::Context.new, view_context: nil, parent: nil, &block)
+			@_context = context
 			@_view_context = view_context
 			@_parent = parent
 
 			block ||= @_content_block
 
-			return buffer || target unless render?
+			return buffer || context.target unless render?
 
 			around_template do
 				if block
@@ -69,7 +69,7 @@ module Phlex
 				end
 			end
 
-			buffer ? (buffer << target) : target
+			buffer ? (buffer << context.target) : context.target
 		end
 
 		# Render another view
@@ -78,11 +78,15 @@ module Phlex
 		def render(renderable, &block)
 			case renderable
 			when Phlex::SGML
-				renderable.call(target: @_target, view_context: @_view_context, parent: self, &block)
+				renderable.call(context: @_context, view_context: @_view_context, parent: self, &block)
 			when Class
 				if renderable < Phlex::SGML
-					renderable.new.call(target: @_target, view_context: @_view_context, parent: self, &block)
+					renderable.new.call(context: @_context, view_context: @_view_context, parent: self, &block)
 				end
+			when Enumerable
+				renderable.each { |r| render(r, &block) }
+			when Proc
+				yield_content(&renderable)
 			else
 				raise ArgumentError, "You can't render a #{renderable}."
 			end
@@ -95,16 +99,16 @@ module Phlex
 		def plain(content)
 			case content
 			when String
-				@_target << ERB::Escape.html_escape(content)
+				@_context.target << ERB::Escape.html_escape(content)
 			when Symbol
-				@_target << ERB::Escape.html_escape(content.name)
+				@_context.target << ERB::Escape.html_escape(content.name)
 			when Integer
-				@_target << ERB::Escape.html_escape(content.to_s)
+				@_context.target << ERB::Escape.html_escape(content.to_s)
 			when nil
 				nil
 			else
 				if (formatted_object = format_object(content))
-					@_target << ERB::Escape.html_escape(formatted_object)
+					@_context.target << ERB::Escape.html_escape(formatted_object)
 				end
 			end
 
@@ -114,11 +118,11 @@ module Phlex
 		# Output a whitespace character. This is useful for getting inline elements to wrap. If you pass a block, a whitespace will be output before and after yielding the block.
 		# @return [nil]
 		def whitespace
-			@_target << " "
+			@_context.target << " "
 
 			if block_given?
 				yield
-				@_target << " "
+				@_context.target << " "
 			end
 
 			nil
@@ -127,9 +131,9 @@ module Phlex
 		# Output an HTML comment.
 		# @return [nil]
 		def comment(&block)
-			@_target << "<!-- "
+			@_context.target << "<!-- "
 			yield_content(&block)
-			@_target << " -->"
+			@_context.target << " -->"
 
 			nil
 		end
@@ -140,27 +144,17 @@ module Phlex
 		def unsafe_raw(content = nil)
 			return nil unless content
 
-			@_target << content
+			@_context.target << content
 			nil
 		end
 
 		# Capture a block of output as a String.
+		# @note This only works if the block's receiver is the current component or the block returns a String.
 		# @return [String]
 		def capture(&block)
-			return "" unless block_given?
+			return "" unless block
 
-			original_buffer_content = @_target.dup
-			@_target.clear
-
-			begin
-				yield_content(&block)
-				new_buffer_content = @_target.dup
-			ensure
-				@_target.clear
-				@_target << original_buffer_content
-			end
-
-			new_buffer_content.is_a?(String) ? new_buffer_content : ""
+			@_context.with_target(+"") { yield_content(&block) }
 		end
 
 		# Like `capture` but the output is vanished into a BlackHole buffer.
@@ -169,14 +163,7 @@ module Phlex
 		private def __vanish__(*args)
 			return unless block_given?
 
-			original_buffer = @_target
-
-			begin
-				@_target = BlackHole
-				yield(*args)
-			ensure
-				@_target = original_buffer
-			end
+			@_context.with_target(BlackHole) { yield(*args) }
 
 			nil
 		end
@@ -223,10 +210,10 @@ module Phlex
 		private def yield_content
 			return unless block_given?
 
-			original_length = @_target.length
+			original_length = @_context.target.length
 			content = yield(self)
 
-			plain(content) if original_length == @_target.length
+			plain(content) if original_length == @_context.target.length
 
 			nil
 		end
@@ -236,9 +223,9 @@ module Phlex
 		private def yield_content_with_args(*args)
 			return unless block_given?
 
-			original_length = @_target.length
+			original_length = @_context.target.length
 			content = yield(*args)
-			plain(content) if original_length == @_target.length
+			plain(content) if original_length == @_context.target.length
 
 			nil
 		end
@@ -256,6 +243,14 @@ module Phlex
 				attributes = process_attributes(**attributes)
 			end
 
+			if attributes[:href]&.start_with?(/\s*javascript:/)
+				attributes.delete(:href)
+			end
+
+			if attributes["href"]&.start_with?(/\s*javascript:/)
+				attributes.delete("href")
+			end
+
 			buffer = +""
 			__build_attributes__(attributes, buffer: buffer)
 
@@ -273,11 +268,8 @@ module Phlex
 					else k.to_s
 				end
 
-				lower_name = name.downcase
-				next if lower_name == "href" && v.to_s.downcase.tr("\t \n", "").start_with?("javascript:")
-
 				# Detect unsafe attribute names. Attribute names are considered unsafe if they match an event attribute or include unsafe characters.
-				if HTML::EVENT_ATTRIBUTES[lower_name] || name.match?(/[<>&"']/)
+				if HTML::EVENT_ATTRIBUTES[name] || name.match?(/[<>&"']/)
 					raise ArgumentError, "Unsafe attribute name detected: #{k}."
 				end
 

data/lib/phlex/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Phlex
-	VERSION = "1.5.3"
+	VERSION = "1.6.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: phlex
 version: !ruby/object:Gem::Version
-  version: 1.5.3
+  version: 1.6.0
 platform: ruby
 authors:
 - Joel Drapper
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-04-17 00:00:00.000000000 Z
+date: 2023-03-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: concurrent-ruby
@@ -76,6 +76,7 @@ files:
 - lib/phlex.rb
 - lib/phlex/black_hole.rb
 - lib/phlex/callable.rb
+- lib/phlex/context.rb
 - lib/phlex/deferred_render.rb
 - lib/phlex/element_clobbering_guard.rb
 - lib/phlex/elements.rb
@@ -116,7 +117,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.9
+rubygems_version: 3.4.6
 signing_key:
 specification_version: 4
 summary: A framework for building views in Ruby.