kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

[ruby/cgi] handle invalid encoding

Browse source 
https://github.com/ruby/cgi/commit/2b1c2e21a4
This commit is contained in:
pavel 2020-03-13 18:55:55 +01:00 committed by Hiroshi SHIBATA
parent 53d153e42c
commit 2756938369
No known key found for this signature in database
GPG key ID: F9CF13417264FAC2
1 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
lib/cgi/util.rb
View file

@ -49,9 +49,12 @@ module CGI::Util
table = Hash[TABLE_FOR_ESCAPE_HTML__.map {|pair|pair.map {|s|s.encode(enc)}}]
string = string.gsub(/#{"['&\"<>]".encode(enc)}/, table)
string.encode!(origenc) if origenc
return string
string
else
string = string.b
string.gsub!(/['&\"<>]/, TABLE_FOR_ESCAPE_HTML__)
string.force_encoding(enc)
end
string.gsub(/['&\"<>]/, TABLE_FOR_ESCAPE_HTML__)
end
begin
@ -90,7 +93,8 @@ module CGI::Util
when Encoding::ISO_8859_1; 256
else 128
end
string.gsub(/&(apos|amp|quot|gt|lt|\#[0-9]+|\#[xX][0-9A-Fa-f]+);/) do
string = string.b
string.gsub!(/&(apos|amp|quot|gt|lt|\#[0-9]+|\#[xX][0-9A-Fa-f]+);/) do
match = $1.dup
case match
when 'apos' then "'"
@ -116,6 +120,7 @@ module CGI::Util
"&#{match};"
end
end
string.force_encoding enc
end
# Synonym for CGI.escapeHTML(str)