kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity

HTML safety: fix textarea with nil content

Browse source
This commit is contained in:
Jeremy Kemper 2010-05-24 20:13:07 -07:00
parent b5f9c8822d
commit d8d38bedfd
2 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
actionpack/lib/action_view/helpers/form_tag_helper.rb
View file

@ -293,7 +293,7 @@ module ActionView
escape = options.key?("escape") ? options.delete("escape") : true escape = options.key?("escape") ? options.delete("escape") : true
content = html_escape(content) if escape content = html_escape(content) if escape
content_tag :textarea, content.html_safe, { "name" => name, "id" => sanitize_to_id(name) }.update(options) content_tag :textarea, content.to_s.html_safe, { "name" => name, "id" => sanitize_to_id(name) }.update(options)
end end
# Creates a check box form input tag. # Creates a check box form input tag.

6
actionpack/test/template/form_tag_helper_test.rb
View file

@ -206,6 +206,12 @@ class FormTagHelperTest < ActionView::TestCase
assert_dom_equal expected, actual assert_dom_equal expected, actual
end end
def test_text_area_tag_unescaped_nil_content
actual = text_area_tag "body", nil, :escape => false
expected = %(<textarea id="body" name="body"></textarea>)
assert_dom_equal expected, actual
end
def test_text_field_tag def test_text_field_tag
actual = text_field_tag "title", "Hello!" actual = text_field_tag "title", "Hello!"
expected = %(<input id="title" name="title" type="text" value="Hello!" />) expected = %(<input id="title" name="title" type="text" value="Hello!" />)