Embed URL

HTTPS clone URL

SSH clone URL

You can clone with HTTPS or SSH.

Download Gist

Rails Lighthouse ticket #4858

View 0003-disable-erb-escaping-non-html-templates.patch
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
From 91ccb92723925181c26c0edfb4cf621e2e6dfc20 Mon Sep 17 00:00:00 2001
From: Jan Maurits Faber <jmfaber@supersaas.com>
Date: Thu, 11 Nov 2010 17:35:21 +0100
Subject: [PATCH 3/3] Disable Erb escaping non-HTML templates
 
---
.../lib/action_view/template/handlers/erb.rb | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
 
diff --git a/actionpack/lib/action_view/template/handlers/erb.rb b/actionpack/lib/action_view/template/handlers/erb.rb
index 4c1f3d7..2537958 100644
--- a/actionpack/lib/action_view/template/handlers/erb.rb
+++ b/actionpack/lib/action_view/template/handlers/erb.rb
@@ -97,7 +97,8 @@ module ActionView
self.class.erb_implementation.new(
erb,
- :trim => (self.class.erb_trim_mode == "-")
+ :trim => (self.class.erb_trim_mode == "-"),
+ :escape => template.identifier !~ /\.html/
).src
end
--
1.7.3.1
 
View 0003-disable-erb-escaping-non-html-templates.patch
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
module ActionView
class Template
module Handlers
class ERB < Handler
include Compilable
 
def compile(template)
if template.source.encoding_aware?
# First, convert to BINARY, so in case the encoding is
# wrong, we can still find an encoding tag
# (<%# encoding %>) inside the String using a regular
# expression
template_source = template.source.dup.force_encoding("BINARY")
 
erb = template_source.gsub(ENCODING_TAG, '')
encoding = $2
 
erb.force_encoding valid_encoding(template.source.dup, encoding)
 
# Always make sure we return a String in the default_internal
erb.encode!
else
erb = template.source.dup
end
 
self.class.erb_implementation.new(
erb,
:trim => (self.class.erb_trim_mode == "-"),
:escape => template.identifier !~ /\.html/ # only escape HTML templates
).src
end
 
end
end
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.