mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
Move escape_once logic to ERB::Util, where it belongs to
All the logic is based on the HTML_ESCAPE constant available in ERB::Util, so it seems more logic to have the entire method there and just delegate the helper to use it.
This commit is contained in:
parent
0eb4673697
commit
608eddc6f5
4 changed files with 32 additions and 1 deletions
|
@ -118,7 +118,7 @@ module ActionView
|
|||
# escape_once("<< Accept & Checkout")
|
||||
# # => "<< Accept & Checkout"
|
||||
def escape_once(html)
|
||||
html.to_s.gsub(/[\"><]|&(?!([a-zA-Z]+|(#\d+));)/) { |special| ERB::Util::HTML_ESCAPE[special] }
|
||||
ERB::Util.html_escape_once(html)
|
||||
end
|
||||
|
||||
private
|
||||
|
|
|
@ -44,4 +44,18 @@ class ErbUtilTest < ActiveSupport::TestCase
|
|||
assert_equal chr, html_escape(chr)
|
||||
end
|
||||
end
|
||||
|
||||
def test_html_escape_once
|
||||
assert_equal '1 < 2 & 3', html_escape_once('1 < 2 & 3')
|
||||
end
|
||||
|
||||
def test_html_escape_once_returns_unsafe_strings_when_passed_unsafe_strings
|
||||
value = html_escape_once('1 < 2 & 3')
|
||||
assert !value.html_safe?
|
||||
end
|
||||
|
||||
def test_html_escape_once_returns_safe_strings_when_passed_safe_strings
|
||||
value = html_escape_once('1 < 2 & 3'.html_safe)
|
||||
assert value.html_safe?
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
## Rails 4.0.0 (unreleased) ##
|
||||
|
||||
* Add html_escape_once to ERB::Util, and delegate escape_once tag helper to it. *Carlos Antonio da Silva*
|
||||
|
||||
* Remove ActiveSupport::TestCase#pending method, use `skip` instead. *Carlos Antonio da Silva*
|
||||
|
||||
* Deprecates the compatibility method Module#local_constant_names,
|
||||
|
|
|
@ -33,6 +33,21 @@ class ERB
|
|||
singleton_class.send(:remove_method, :html_escape)
|
||||
module_function :html_escape
|
||||
|
||||
# Returns an escaped version of +html+ without affecting existing escaped entities.
|
||||
#
|
||||
# ==== Examples
|
||||
# html_escape_once("1 < 2 & 3")
|
||||
# # => "1 < 2 & 3"
|
||||
#
|
||||
# html_escape_once("<< Accept & Checkout")
|
||||
# # => "<< Accept & Checkout"
|
||||
def html_escape_once(s)
|
||||
result = s.to_s.gsub(/[\"><]|&(?!([a-zA-Z]+|(#\d+));)/) { |special| HTML_ESCAPE[special] }
|
||||
s.html_safe? ? result.html_safe : result
|
||||
end
|
||||
|
||||
module_function :html_escape_once
|
||||
|
||||
# A utility method for escaping HTML entities in JSON strings
|
||||
# using \uXXXX JavaScript escape sequences for string literals:
|
||||
#
|
||||
|
|
Loading…
Reference in a new issue