kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity

Add proper fix to mail_to helper.

Browse source 
* Fix the problem on manipulating on the `ActiveSupport::SafeBuffer`
* Make sure that we run `escape_javascript` on the `String`, to avoid unexpected behavior.
This commit is contained in:
Prem Sichanugrist 2011-06-08 01:51:48 -04:00
parent 07f2481e15
commit 9e2e242655
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
actionpack/lib/action_view/helpers/url_helper.rb
View file

@ -497,14 +497,14 @@ module ActionView
}.compact }.compact
extras = extras.empty? ? '' : '?' + ERB::Util.html_escape(extras.join('&')) extras = extras.empty? ? '' : '?' + ERB::Util.html_escape(extras.join('&'))
email_address_obfuscated = email_address.dup email_address_obfuscated = email_address.to_str
email_address_obfuscated.gsub!(/@/, html_options.delete("replace_at")) if html_options.key?("replace_at") email_address_obfuscated.gsub!(/@/, html_options.delete("replace_at")) if html_options.key?("replace_at")
email_address_obfuscated.gsub!(/\./, html_options.delete("replace_dot")) if html_options.key?("replace_dot") email_address_obfuscated.gsub!(/\./, html_options.delete("replace_dot")) if html_options.key?("replace_dot")
case encode case encode
when "javascript" when "javascript"
string = '' string = ''
html = content_tag("a", name || email_address_obfuscated.html_safe, html_options.merge("href" => "mailto:#{email_address}#{extras}".html_safe)) html = content_tag("a", name || email_address_obfuscated.html_safe, html_options.merge("href" => "mailto:#{email_address}#{extras}".html_safe))
html = escape_javascript(html) html = escape_javascript(html.to_str)
"document.write('#{html}');".each_byte do |c| "document.write('#{html}');".each_byte do |c|
string << sprintf("%%%x", c) string << sprintf("%%%x", c)
end end