tina4ruby 3.10.86 → 3.10.89
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/tina4/frond.rb +30 -1
- data/lib/tina4/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b288a6697081e0aced7f44fc2171066896d54095b241ac94e03632510c6209ea
|
|
4
|
+
data.tar.gz: b9e8b8b832f351b11ec5c3af1acd81c336e7b20efdf106e74955a9b9c82665f7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ab190740cf6616a0acb9219e4a9cc728bfd61bad84b2c08b6089e1cc1e9310eaf66a4fca88c0a7fa6d025a8f61cdbce50d9c60a1f28c99a06bbc0a29d805c374
|
|
7
|
+
data.tar.gz: fcb851edb3e8939a2c828229f9bee1d9e7a017f7e73bc2ee0a664e10104e3af7133b089bf24daa8a3b9b909ccb6f8ef24f05ee4be4f526483689a08aa9b7effa
|
data/lib/tina4/frond.rb
CHANGED
|
@@ -1842,7 +1842,10 @@ module Tina4
|
|
|
1842
1842
|
|
|
1843
1843
|
# -- Utility --
|
|
1844
1844
|
"default" => ->(v, *a) { (v.nil? || v.to_s.empty?) ? (a[0] || "") : v },
|
|
1845
|
-
|
|
1845
|
+
# dump filter — gated on TINA4_DEBUG=true via Frond.render_dump.
|
|
1846
|
+
# Both the |dump filter and the dump() global delegate to the same
|
|
1847
|
+
# helper so they produce identical output and obey the same gating.
|
|
1848
|
+
"dump" => ->(v, *_a) { Frond.render_dump(v) },
|
|
1846
1849
|
"string" => ->(v, *_a) { v.to_s },
|
|
1847
1850
|
"truncate" => ->(v, *a) {
|
|
1848
1851
|
len = a[0] ? a[0].to_i : 50
|
|
@@ -1886,6 +1889,32 @@ module Tina4
|
|
|
1886
1889
|
@globals["form_token"] = ->(descriptor = "") { Frond.generate_form_token(descriptor.to_s) }
|
|
1887
1890
|
@globals["formTokenValue"] = ->(descriptor = "") { Frond.generate_form_token_value(descriptor.to_s) }
|
|
1888
1891
|
@globals["form_token_value"] = ->(descriptor = "") { Frond.generate_form_token_value(descriptor.to_s) }
|
|
1892
|
+
|
|
1893
|
+
# Debug helper: {{ dump(x) }} — gated on TINA4_DEBUG=true.
|
|
1894
|
+
# Both this global and the |dump filter call Frond.render_dump which
|
|
1895
|
+
# returns an empty SafeString in production so dump never leaks state.
|
|
1896
|
+
@globals["dump"] = ->(value = nil) { Frond.render_dump(value) }
|
|
1897
|
+
end
|
|
1898
|
+
|
|
1899
|
+
# Render a value as a pre-formatted inspect() wrapped in <pre> tags.
|
|
1900
|
+
#
|
|
1901
|
+
# Gated on TINA4_DEBUG=true. In production (TINA4_DEBUG unset or false)
|
|
1902
|
+
# this returns an empty SafeString to avoid leaking internal state,
|
|
1903
|
+
# object shapes, or sensitive values into rendered HTML.
|
|
1904
|
+
#
|
|
1905
|
+
# Shared by the {{ value|dump }} filter and the {{ dump(value) }}
|
|
1906
|
+
# global function so both produce identical output and obey the same
|
|
1907
|
+
# gating.
|
|
1908
|
+
def self.render_dump(value)
|
|
1909
|
+
return SafeString.new("") unless ENV.fetch("TINA4_DEBUG", "").downcase == "true"
|
|
1910
|
+
|
|
1911
|
+
dumped = value.inspect
|
|
1912
|
+
escaped = dumped
|
|
1913
|
+
.gsub("&", "&")
|
|
1914
|
+
.gsub("<", "<")
|
|
1915
|
+
.gsub(">", ">")
|
|
1916
|
+
.gsub('"', """)
|
|
1917
|
+
SafeString.new("<pre>#{escaped}</pre>")
|
|
1889
1918
|
end
|
|
1890
1919
|
|
|
1891
1920
|
# Generate a JWT form token and return a hidden input element.
|
data/lib/tina4/version.rb
CHANGED