kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity

ensuring that json_escape returns html safe strings when passed an html safe string

Browse source
This commit is contained in:
Aaron Patterson 2011-06-09 15:29:17 -07:00
parent 84f71e42b7
commit 0b02284545
2 changed files with 12 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
actionpack/test/template/erb_util_test.rb
View file

@ -16,6 +16,16 @@ class ErbUtilTest < Test::Unit::TestCase
end
end
def test_json_escape_returns_unsafe_strings_when_passed_unsafe_strings
value = json_escape("asdf")
assert !value.html_safe?
end
def test_json_escape_returns_safe_strings_when_passed_safe_strings
value = json_escape("asdf".html_safe)
assert value.html_safe?
end
def test_html_escape_is_html_safe
escaped = h("<p>")
assert_equal "&lt;p&gt;", escaped

3
activesupport/lib/active_support/core_ext/string/output_safety.rb
View file

@ -51,7 +51,8 @@ class ERB
# <%=j @person.to_json %>
#
def json_escape(s)
s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] }
result = s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] }
s.html_safe? ? result.html_safe : result
end
alias j json_escape