mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
* lib/cgi.rb (CGI::unescapeHTML): invalid decoding for single
unescaped ampersand. a patch from Tietew <tietew+ruby-dev at tietew.net> in [ruby-dev:30292]. fixed: [ruby-dev:30289] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@11660 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
parent
ea2dd2e805
commit
d592db9308
2 changed files with 12 additions and 5 deletions
|
@ -17,6 +17,13 @@ Thu Feb 8 15:00:14 2007 Koichi Sasada <ko1@atdot.net>
|
|||
* common.mk: fix around vm_opts.h path
|
||||
and remove harmful argument passed to insns2vm.rb.
|
||||
|
||||
Thu Feb 8 03:11:47 2007 Yukihiro Matsumoto <matz@ruby-lang.org>
|
||||
|
||||
* lib/cgi.rb (CGI::unescapeHTML): invalid decoding for single
|
||||
unescaped ampersand. a patch from Tietew
|
||||
<tietew+ruby-dev at tietew.net> in [ruby-dev:30292].
|
||||
fixed: [ruby-dev:30289]
|
||||
|
||||
Wed Feb 7 23:25:31 2007 Nobuyoshi Nakada <nobu@ruby-lang.org>
|
||||
|
||||
* eval.c (specific_eval): suppress warning.
|
||||
|
|
10
lib/cgi.rb
10
lib/cgi.rb
|
@ -367,13 +367,13 @@ class CGI
|
|||
# CGI::unescapeHTML("Usage: foo "bar" <baz>")
|
||||
# # => "Usage: foo \"bar\" <baz>"
|
||||
def CGI::unescapeHTML(string)
|
||||
string.gsub(/&(.*?);/n) do
|
||||
string.gsub(/&(amp|quot|gt|lt|\#[0-9]+|\#x[0-9A-Fa-f]+);/n) do
|
||||
match = $1.dup
|
||||
case match
|
||||
when /\Aamp\z/ni then '&'
|
||||
when /\Aquot\z/ni then '"'
|
||||
when /\Agt\z/ni then '>'
|
||||
when /\Alt\z/ni then '<'
|
||||
when 'amp' then '&'
|
||||
when 'quot' then '"'
|
||||
when 'gt' then '>'
|
||||
when 'lt' then '<'
|
||||
when /\A#0*(\d+)\z/n then
|
||||
if Integer($1) < 256
|
||||
Integer($1).chr
|
||||
|
|
Loading…
Reference in a new issue