diff options
| author | Jeremy Kemper <jeremy@bitsweat.net> | 2012-12-03 10:30:58 -0700 |
|---|---|---|
| committer | Jeremy Kemper <jeremy@bitsweat.net> | 2012-12-03 10:31:18 -0700 |
| commit | 2797757919e95177c42d70c178e16c88828b674a (patch) | |
| tree | 53ebbc0d628ae0697f27ff66c2d7df542d07b309 /actionpack/lib/action_view/template/handlers/erb.rb | |
| parent | d7fdcc87171ca0098522c05f844b3ec24a14b0b7 (diff) | |
| download | rails-2797757919e95177c42d70c178e16c88828b674a.tar.gz rails-2797757919e95177c42d70c178e16c88828b674a.tar.bz2 rails-2797757919e95177c42d70c178e16c88828b674a.zip | |
Override <%== to always behave as literal text rather than toggling based on whether escaping is enabled. Fixes that existing plaintext email templates using <%== unexpectedly flipped to *escaping* HTML when #8235 was merged.
Diffstat (limited to 'actionpack/lib/action_view/template/handlers/erb.rb')
| -rw-r--r-- | actionpack/lib/action_view/template/handlers/erb.rb | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/actionpack/lib/action_view/template/handlers/erb.rb b/actionpack/lib/action_view/template/handlers/erb.rb index 731d8f9dab..afbbece90f 100644 --- a/actionpack/lib/action_view/template/handlers/erb.rb +++ b/actionpack/lib/action_view/template/handlers/erb.rb @@ -14,6 +14,17 @@ module ActionView src << "@output_buffer.safe_concat('" << escape_text(text) << "');" end + # Erubis toggles <%= and <%== behavior when escaping is enabled. + # We override to always treat <%== as escaped. + def add_expr(src, code, indicator) + case indicator + when '==' + add_expr_escaped(src, code) + else + super + end + end + BLOCK_EXPR = /\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/ def add_expr_literal(src, code) |