text_helpers 0.3.2 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +20 -7
- data/lib/text_helpers/translation.rb +13 -1
- data/lib/text_helpers/version.rb +1 -1
- data/test/lib/text_helpers/translation_test.rb +23 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e0042dc19e9deddd4e91c467ee37e19dd35f0b2f
|
4
|
+
data.tar.gz: 1e39637937fe563fe9b6e81ce05a08fd7f4626f8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8f1e1554ca7e1f236cc374ea9858c4105fa8cbeba0553a81b3284733a04865c5ca5b65d477d1224d7c9936d1851e5a1e6ab04ad5800e1ec24ea80d994fc3453d
|
7
|
+
data.tar.gz: 32a613528353df4ee8379fd2bd62b74573e3e1a014d1f3a8dfbcb8a9f34f8bb3871ea041254448c51f1d2799421b6748b121c1414d872712cfcc49b3bb08d636
|
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# TextHelpers
|
2
2
|
|
3
|
-
`TextHelpers` is a library intended to make working with static text in Rails
|
3
|
+
`TextHelpers` is a library intended to make working with static text in Rails
|
4
4
|
projects as painless as possible.
|
5
5
|
|
6
6
|
Include it in your `Gemfile` with:
|
@@ -11,9 +11,9 @@ gem "text_helpers"
|
|
11
11
|
|
12
12
|
## Suggested Use
|
13
13
|
|
14
|
-
All static text should be placed in locale files, in a directory
|
15
|
-
structure mirroring the app directory structure. The text for
|
16
|
-
`app/views/some/_partial.html.haml` would go in
|
14
|
+
All static text should be placed in locale files, in a directory
|
15
|
+
structure mirroring the app directory structure. The text for
|
16
|
+
`app/views/some/_partial.html.haml` would go in
|
17
17
|
`config/locales/views/some/partial.en.yml`, for example. This is not a strict
|
18
18
|
requirement, but will go a long way toward keeping your locales easily
|
19
19
|
maintainable.
|
@@ -35,10 +35,10 @@ used for variable text.
|
|
35
35
|
### In Views
|
36
36
|
|
37
37
|
To access this text in views, two helpers are available, `text` and `html`.
|
38
|
-
Both helpers take a lookup key, used to identify the desired piece of text,
|
38
|
+
Both helpers take a lookup key, used to identify the desired piece of text,
|
39
39
|
and an argument hash, which is forwarded to the `I18n.t` call.
|
40
40
|
|
41
|
-
`text` returns the requested text, with special values interpolated, and made
|
41
|
+
`text` returns the requested text, with special values interpolated, and made
|
42
42
|
html_safe (so HTML can be used here, when absolutely necessary).
|
43
43
|
|
44
44
|
`html` parses the requested text using Markdown, making it useful for rendering
|
@@ -53,6 +53,19 @@ HTML entities for common cases.
|
|
53
53
|
If you want to render a small fragment of Markdown without `p` tag wrappers,
|
54
54
|
you can pass `inline: true` as an option to `html`.
|
55
55
|
|
56
|
+
`text` and `html` will escape all arguments passed to it in order to prevent XSS
|
57
|
+
attacks. If you want to pass html content, you should ensure you mark it as .html_safe
|
58
|
+
|
59
|
+
Example: `text('welcome_user', username)` will escape html characters in username
|
60
|
+
```ruby
|
61
|
+
Welcome <b>Bob</b>
|
62
|
+
```
|
63
|
+
|
64
|
+
Example: `text('welcome_user', username.html_safe)` will output html characters in username
|
65
|
+
```ruby
|
66
|
+
Welcome <b>Bob</b>
|
67
|
+
```
|
68
|
+
|
56
69
|
### In Controllers
|
57
70
|
|
58
71
|
The same helpers are available in controllers, with the translation scope based
|
@@ -61,7 +74,7 @@ used for flash messages or alerts of some kind.
|
|
61
74
|
|
62
75
|
## Testing
|
63
76
|
|
64
|
-
Some shared `RSpec` contexts are available to allow the same locale
|
77
|
+
Some shared `RSpec` contexts are available to allow the same locale
|
65
78
|
abstractions for testing. You can include these contexts with:
|
66
79
|
|
67
80
|
```
|
@@ -23,7 +23,7 @@ module TextHelpers
|
|
23
23
|
text = I18n.t(key, {
|
24
24
|
scope: self.translation_scope,
|
25
25
|
default: "!#{key}!"
|
26
|
-
}.merge(options)).strip
|
26
|
+
}.merge(html_safe_options(options))).strip
|
27
27
|
|
28
28
|
# Interpolate any keypaths (e.g., `!some.lookup.path/key!`) found in the text.
|
29
29
|
while text =~ /!([\w._\/]+)!/ do
|
@@ -82,5 +82,17 @@ module TextHelpers
|
|
82
82
|
def translation_scope
|
83
83
|
raise NotImplementedError
|
84
84
|
end
|
85
|
+
|
86
|
+
# Protected: Convert all passed in arguments into html-safe strings
|
87
|
+
#
|
88
|
+
# hash - a set of key-value pairs, which converts the second argument into an html-safe string
|
89
|
+
#
|
90
|
+
# Returns a hash
|
91
|
+
def html_safe_options(hash)
|
92
|
+
hash.inject({}) do |result, (key, value)|
|
93
|
+
result[key] = ERB::Util.h(value)
|
94
|
+
result
|
95
|
+
end
|
96
|
+
end
|
85
97
|
end
|
86
98
|
end
|
data/lib/text_helpers/version.rb
CHANGED
@@ -26,7 +26,9 @@ describe TextHelpers::Translation do
|
|
26
26
|
list_key: "* #{@scoped_text}",
|
27
27
|
interpolated_key: "Global? (!test_key!)",
|
28
28
|
recursive_key: "Recursively !test.interpolated_key!",
|
29
|
-
quoted_key: "They're looking for \"#{@global_text}\"--#{@scoped_text}"
|
29
|
+
quoted_key: "They're looking for \"#{@global_text}\"--#{@scoped_text}",
|
30
|
+
argument_key: "This is what %{user} said",
|
31
|
+
number_key: "120\""
|
30
32
|
}
|
31
33
|
}
|
32
34
|
end
|
@@ -101,6 +103,26 @@ describe TextHelpers::Translation do
|
|
101
103
|
it "automatically converts quotes and dashes to clean HTML replacements" do
|
102
104
|
assert_equal "<p>They’re looking for “#{@global_text}”–#{@nb_scoped_text}</p>\n", @helper.html(:quoted_key)
|
103
105
|
end
|
106
|
+
|
107
|
+
it "converts to straight quotes in the general case" do
|
108
|
+
assert_equal "120"", @helper.text(:number_key) # 120"
|
109
|
+
end
|
110
|
+
|
111
|
+
it "handles i18n arguments" do
|
112
|
+
assert_equal "This is what Han Solo said", @helper.text(:argument_key, user: "Han Solo")
|
113
|
+
end
|
114
|
+
|
115
|
+
it "handles i18n arguments which are not strings" do
|
116
|
+
assert_equal "This is what 1234 said", @helper.text(:argument_key, user: 1234)
|
117
|
+
end
|
118
|
+
|
119
|
+
it "handles i18n arguments which are not html-safe" do
|
120
|
+
assert_equal "This is what <b>Han</b> Solo said", @helper.text(:argument_key, user: "<b>Han</b> Solo")
|
121
|
+
end
|
122
|
+
|
123
|
+
it "handles i18n arguments which are html-safe" do
|
124
|
+
assert_equal "This is what <b>Han</b> Solo said", @helper.text(:argument_key, user: "<b>Han</b> Solo".html_safe)
|
125
|
+
end
|
104
126
|
end
|
105
127
|
|
106
128
|
describe "when no valid scope is provided" do
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: text_helpers
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Horner
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-
|
11
|
+
date: 2014-10-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|