diff options
| author | Yehuda Katz <wycats@Yehuda-Katz.local> | 2010-01-31 19:17:42 -0800 |
|---|---|---|
| committer | Yehuda Katz <wycats@Yehuda-Katz.local> | 2010-01-31 19:39:13 -0800 |
| commit | 4cbb9db0a5ff65b0a626a5b043331abefd89e717 (patch) | |
| tree | a112ce55f5521ff31abf0e4357afcc170fc0a143 /actionpack/lib/action_view/erb | |
| parent | 1c83fd2eff3fd174e1aba0512aa2dd8ecdadb2c7 (diff) | |
| download | rails-4cbb9db0a5ff65b0a626a5b043331abefd89e717.tar.gz rails-4cbb9db0a5ff65b0a626a5b043331abefd89e717.tar.bz2 rails-4cbb9db0a5ff65b0a626a5b043331abefd89e717.zip | |
For performance reasons, you can no longer call html_safe! on Strings. Instead, all Strings are always not html_safe?. Instead, you can get a SafeBuffer from a String by calling #html_safe, which will SafeBuffer.new(self).
* Additionally, instead of doing concat("</form>".html_safe), you can do
safe_concat("</form>"), which will skip both the flag set, and the flag
check.
* For the first pass, I converted virtually all #html_safe!s to #html_safe,
and the tests pass. A further optimization would be to try to use
#safe_concat as much as possible, reducing the performance impact if
we know up front that a String is safe.
Diffstat (limited to 'actionpack/lib/action_view/erb')
| -rw-r--r-- | actionpack/lib/action_view/erb/util.rb | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/actionpack/lib/action_view/erb/util.rb b/actionpack/lib/action_view/erb/util.rb deleted file mode 100644 index aef859b3ac..0000000000 --- a/actionpack/lib/action_view/erb/util.rb +++ /dev/null @@ -1,49 +0,0 @@ -require 'erb' - -class ERB - module Util - HTML_ESCAPE = { '&' => '&', '>' => '>', '<' => '<', '"' => '"' } - JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' } - - # A utility method for escaping HTML tag characters. - # This method is also aliased as <tt>h</tt>. - # - # In your ERb templates, use this method to escape any unsafe content. For example: - # <%=h @person.name %> - # - # ==== Example: - # puts html_escape("is a > 0 & a < 10?") - # # => is a > 0 & a < 10? - def html_escape(s) - s = s.to_s - if s.html_safe? - s - else - s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] }.html_safe! - end - end - - undef :h - alias h html_escape - - module_function :html_escape - module_function :h - - # A utility method for escaping HTML entities in JSON strings. - # This method is also aliased as <tt>j</tt>. - # - # In your ERb templates, use this method to escape any HTML entities: - # <%=j @person.to_json %> - # - # ==== Example: - # puts json_escape("is a > 0 & a < 10?") - # # => is a \u003E 0 \u0026 a \u003C 10? - def json_escape(s) - s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] } - end - - alias j json_escape - module_function :j - module_function :json_escape - end -end |