diff options
| author | Aaron Patterson <aaron.patterson@gmail.com> | 2011-04-05 13:59:35 -0700 |
|---|---|---|
| committer | Aaron Patterson <aaron.patterson@gmail.com> | 2011-04-05 16:22:53 -0700 |
| commit | 2e757bc298cef715e5c56945161bbd84f2610729 (patch) | |
| tree | c252a10dad3897ff09f1931a0bb0bb132c7dd375 | |
| parent | e9020b4b5dbd4a19e288c613a86c78e32010c361 (diff) | |
| download | rails-2e757bc298cef715e5c56945161bbd84f2610729.tar.gz rails-2e757bc298cef715e5c56945161bbd84f2610729.tar.bz2 rails-2e757bc298cef715e5c56945161bbd84f2610729.zip | |
do not return html safe strings from auto_link
| -rw-r--r-- | actionpack/lib/action_view/helpers/text_helper.rb | 4 | ||||
| -rw-r--r-- | actionpack/test/template/text_helper_test.rb | 16 |
2 files changed, 13 insertions, 7 deletions
diff --git a/actionpack/lib/action_view/helpers/text_helper.rb b/actionpack/lib/action_view/helpers/text_helper.rb index 2d3c5fe7e7..bdda1df437 100644 --- a/actionpack/lib/action_view/helpers/text_helper.rb +++ b/actionpack/lib/action_view/helpers/text_helper.rb @@ -303,7 +303,7 @@ module ActionView # # => "Welcome to my new blog at <a href=\"http://www.myblog.com/\" target=\"_blank\">http://www.myblog.com</a>. # Please e-mail me at <a href=\"mailto:me@email.com\">me@email.com</a>." def auto_link(text, *args, &block)#link = :all, html = {}, &block) - return ''.html_safe if text.blank? + return '' if text.blank? options = args.size == 2 ? {} : args.extract_options! # this is necessary because the old auto_link API has a Hash as its last parameter unless args.empty? @@ -507,7 +507,7 @@ module ActionView end content_tag(:a, link_text, link_attributes.merge('href' => href), !!options[:sanitize]) + punctuation.reverse.join('') end - end.html_safe + end end # Turns all email addresses into clickable links. If a block is given, diff --git a/actionpack/test/template/text_helper_test.rb b/actionpack/test/template/text_helper_test.rb index d0d4286393..a4fcff5167 100644 --- a/actionpack/test/template/text_helper_test.rb +++ b/actionpack/test/template/text_helper_test.rb @@ -315,14 +315,20 @@ class TextHelperTest < ActionView::TestCase end end - def test_auto_link_should_be_html_safe + def test_auto_link_should_not_be_html_safe email_raw = 'santiago@wyeworks.com' link_raw = 'http://www.rubyonrails.org' - assert auto_link(nil).html_safe? - assert auto_link('').html_safe? - assert auto_link("#{link_raw} #{link_raw} #{link_raw}").html_safe? - assert auto_link("hello #{email_raw}").html_safe? + assert !auto_link(nil).html_safe?, 'should not be html safe' + assert !auto_link('').html_safe?, 'should not be html safe' + assert !auto_link("#{link_raw} #{link_raw} #{link_raw}").html_safe?, 'should not be html safe' + assert !auto_link("hello #{email_raw}").html_safe?, 'should not be html safe' + end + + def test_auto_link_email_address + email_raw = 'aaron@tenderlovemaking.com' + email_result = %{<a href="mailto:#{email_raw}">#{email_raw}</a>} + assert !auto_link_email_addresses(email_result).html_safe?, 'should not be html safe' end def test_auto_link |