text_helpers 0.3.2 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +20 -7
- data/lib/text_helpers/translation.rb +13 -1
- data/lib/text_helpers/version.rb +1 -1
- data/test/lib/text_helpers/translation_test.rb +23 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e0042dc19e9deddd4e91c467ee37e19dd35f0b2f
|
|
4
|
+
data.tar.gz: 1e39637937fe563fe9b6e81ce05a08fd7f4626f8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8f1e1554ca7e1f236cc374ea9858c4105fa8cbeba0553a81b3284733a04865c5ca5b65d477d1224d7c9936d1851e5a1e6ab04ad5800e1ec24ea80d994fc3453d
|
|
7
|
+
data.tar.gz: 32a613528353df4ee8379fd2bd62b74573e3e1a014d1f3a8dfbcb8a9f34f8bb3871ea041254448c51f1d2799421b6748b121c1414d872712cfcc49b3bb08d636
|
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# TextHelpers
|
|
2
2
|
|
|
3
|
-
`TextHelpers` is a library intended to make working with static text in Rails
|
|
3
|
+
`TextHelpers` is a library intended to make working with static text in Rails
|
|
4
4
|
projects as painless as possible.
|
|
5
5
|
|
|
6
6
|
Include it in your `Gemfile` with:
|
|
@@ -11,9 +11,9 @@ gem "text_helpers"
|
|
|
11
11
|
|
|
12
12
|
## Suggested Use
|
|
13
13
|
|
|
14
|
-
All static text should be placed in locale files, in a directory
|
|
15
|
-
structure mirroring the app directory structure. The text for
|
|
16
|
-
`app/views/some/_partial.html.haml` would go in
|
|
14
|
+
All static text should be placed in locale files, in a directory
|
|
15
|
+
structure mirroring the app directory structure. The text for
|
|
16
|
+
`app/views/some/_partial.html.haml` would go in
|
|
17
17
|
`config/locales/views/some/partial.en.yml`, for example. This is not a strict
|
|
18
18
|
requirement, but will go a long way toward keeping your locales easily
|
|
19
19
|
maintainable.
|
|
@@ -35,10 +35,10 @@ used for variable text.
|
|
|
35
35
|
### In Views
|
|
36
36
|
|
|
37
37
|
To access this text in views, two helpers are available, `text` and `html`.
|
|
38
|
-
Both helpers take a lookup key, used to identify the desired piece of text,
|
|
38
|
+
Both helpers take a lookup key, used to identify the desired piece of text,
|
|
39
39
|
and an argument hash, which is forwarded to the `I18n.t` call.
|
|
40
40
|
|
|
41
|
-
`text` returns the requested text, with special values interpolated, and made
|
|
41
|
+
`text` returns the requested text, with special values interpolated, and made
|
|
42
42
|
html_safe (so HTML can be used here, when absolutely necessary).
|
|
43
43
|
|
|
44
44
|
`html` parses the requested text using Markdown, making it useful for rendering
|
|
@@ -53,6 +53,19 @@ HTML entities for common cases.
|
|
|
53
53
|
If you want to render a small fragment of Markdown without `p` tag wrappers,
|
|
54
54
|
you can pass `inline: true` as an option to `html`.
|
|
55
55
|
|
|
56
|
+
`text` and `html` will escape all arguments passed to it in order to prevent XSS
|
|
57
|
+
attacks. If you want to pass html content, you should ensure you mark it as .html_safe
|
|
58
|
+
|
|
59
|
+
Example: `text('welcome_user', username)` will escape html characters in username
|
|
60
|
+
```ruby
|
|
61
|
+
Welcome <b>Bob</b>
|
|
62
|
+
```
|
|
63
|
+
|
|
64
|
+
Example: `text('welcome_user', username.html_safe)` will output html characters in username
|
|
65
|
+
```ruby
|
|
66
|
+
Welcome <b>Bob</b>
|
|
67
|
+
```
|
|
68
|
+
|
|
56
69
|
### In Controllers
|
|
57
70
|
|
|
58
71
|
The same helpers are available in controllers, with the translation scope based
|
|
@@ -61,7 +74,7 @@ used for flash messages or alerts of some kind.
|
|
|
61
74
|
|
|
62
75
|
## Testing
|
|
63
76
|
|
|
64
|
-
Some shared `RSpec` contexts are available to allow the same locale
|
|
77
|
+
Some shared `RSpec` contexts are available to allow the same locale
|
|
65
78
|
abstractions for testing. You can include these contexts with:
|
|
66
79
|
|
|
67
80
|
```
|
|
@@ -23,7 +23,7 @@ module TextHelpers
|
|
|
23
23
|
text = I18n.t(key, {
|
|
24
24
|
scope: self.translation_scope,
|
|
25
25
|
default: "!#{key}!"
|
|
26
|
-
}.merge(options)).strip
|
|
26
|
+
}.merge(html_safe_options(options))).strip
|
|
27
27
|
|
|
28
28
|
# Interpolate any keypaths (e.g., `!some.lookup.path/key!`) found in the text.
|
|
29
29
|
while text =~ /!([\w._\/]+)!/ do
|
|
@@ -82,5 +82,17 @@ module TextHelpers
|
|
|
82
82
|
def translation_scope
|
|
83
83
|
raise NotImplementedError
|
|
84
84
|
end
|
|
85
|
+
|
|
86
|
+
# Protected: Convert all passed in arguments into html-safe strings
|
|
87
|
+
#
|
|
88
|
+
# hash - a set of key-value pairs, which converts the second argument into an html-safe string
|
|
89
|
+
#
|
|
90
|
+
# Returns a hash
|
|
91
|
+
def html_safe_options(hash)
|
|
92
|
+
hash.inject({}) do |result, (key, value)|
|
|
93
|
+
result[key] = ERB::Util.h(value)
|
|
94
|
+
result
|
|
95
|
+
end
|
|
96
|
+
end
|
|
85
97
|
end
|
|
86
98
|
end
|
data/lib/text_helpers/version.rb
CHANGED
|
@@ -26,7 +26,9 @@ describe TextHelpers::Translation do
|
|
|
26
26
|
list_key: "* #{@scoped_text}",
|
|
27
27
|
interpolated_key: "Global? (!test_key!)",
|
|
28
28
|
recursive_key: "Recursively !test.interpolated_key!",
|
|
29
|
-
quoted_key: "They're looking for \"#{@global_text}\"--#{@scoped_text}"
|
|
29
|
+
quoted_key: "They're looking for \"#{@global_text}\"--#{@scoped_text}",
|
|
30
|
+
argument_key: "This is what %{user} said",
|
|
31
|
+
number_key: "120\""
|
|
30
32
|
}
|
|
31
33
|
}
|
|
32
34
|
end
|
|
@@ -101,6 +103,26 @@ describe TextHelpers::Translation do
|
|
|
101
103
|
it "automatically converts quotes and dashes to clean HTML replacements" do
|
|
102
104
|
assert_equal "<p>They’re looking for “#{@global_text}”–#{@nb_scoped_text}</p>\n", @helper.html(:quoted_key)
|
|
103
105
|
end
|
|
106
|
+
|
|
107
|
+
it "converts to straight quotes in the general case" do
|
|
108
|
+
assert_equal "120"", @helper.text(:number_key) # 120"
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
it "handles i18n arguments" do
|
|
112
|
+
assert_equal "This is what Han Solo said", @helper.text(:argument_key, user: "Han Solo")
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
it "handles i18n arguments which are not strings" do
|
|
116
|
+
assert_equal "This is what 1234 said", @helper.text(:argument_key, user: 1234)
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
it "handles i18n arguments which are not html-safe" do
|
|
120
|
+
assert_equal "This is what <b>Han</b> Solo said", @helper.text(:argument_key, user: "<b>Han</b> Solo")
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
it "handles i18n arguments which are html-safe" do
|
|
124
|
+
assert_equal "This is what <b>Han</b> Solo said", @helper.text(:argument_key, user: "<b>Han</b> Solo".html_safe)
|
|
125
|
+
end
|
|
104
126
|
end
|
|
105
127
|
|
|
106
128
|
describe "when no valid scope is provided" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: text_helpers
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Horner
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-10-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|