diff options
| author | Chris Mear <chris@feedmechocolate.com> | 2009-02-19 14:16:10 +0000 |
|---|---|---|
| committer | Michael Koziarski <michael@koziarski.com> | 2009-06-27 13:16:52 +1200 |
| commit | 085db5e128ad4ad8fd042776722c78e194c6d0a4 (patch) | |
| tree | f2d54c38a4a4a08cd2b4d5fa74717ad7c07a25cc /actionpack | |
| parent | 68b02cb00aae4f4ee1b2b9b1eadb6951b747c181 (diff) | |
| download | rails-085db5e128ad4ad8fd042776722c78e194c6d0a4.tar.gz rails-085db5e128ad4ad8fd042776722c78e194c6d0a4.tar.bz2 rails-085db5e128ad4ad8fd042776722c78e194c6d0a4.zip | |
Make text_area_tag escape contents by default.
Signed-off-by: Michael Koziarski <michael@koziarski.com>
[#2015 state:committed]
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/lib/action_view/helpers/form_tag_helper.rb | 5 | ||||
| -rw-r--r-- | actionpack/test/template/form_tag_helper_test.rb | 12 |
2 files changed, 17 insertions, 0 deletions
diff --git a/actionpack/lib/action_view/helpers/form_tag_helper.rb b/actionpack/lib/action_view/helpers/form_tag_helper.rb index 8ab78e7bc6..ca6ba501e2 100644 --- a/actionpack/lib/action_view/helpers/form_tag_helper.rb +++ b/actionpack/lib/action_view/helpers/form_tag_helper.rb @@ -231,6 +231,8 @@ module ActionView # * <tt>:rows</tt> - Specify the number of rows in the textarea # * <tt>:cols</tt> - Specify the number of columns in the textarea # * <tt>:disabled</tt> - If set to true, the user will not be able to use this input. + # * <tt>:escape</tt> - By default, the contents of the text input are HTML escaped. + # If you need unescaped contents, set this to false. # * Any other key creates standard HTML attributes for the tag. # # ==== Examples @@ -258,6 +260,9 @@ module ActionView options["cols"], options["rows"] = size.split("x") if size.respond_to?(:split) end + escape = options.key?("escape") ? options.delete("escape") : true + content = html_escape(content) if escape + content_tag :textarea, content, { "name" => name, "id" => sanitize_to_id(name) }.update(options.stringify_keys) end diff --git a/actionpack/test/template/form_tag_helper_test.rb b/actionpack/test/template/form_tag_helper_test.rb index 09d199b75d..f387123117 100644 --- a/actionpack/test/template/form_tag_helper_test.rb +++ b/actionpack/test/template/form_tag_helper_test.rb @@ -159,6 +159,18 @@ class FormTagHelperTest < ActionView::TestCase assert_match VALID_HTML_ID, input_elem['id'] end + def test_text_area_tag_escape_content + actual = text_area_tag "body", "<b>hello world</b>", :size => "20x40" + expected = %(<textarea cols="20" id="body" name="body" rows="40"><b>hello world</b></textarea>) + assert_dom_equal expected, actual + end + + def test_text_area_tag_unescaped_content + actual = text_area_tag "body", "<b>hello world</b>", :size => "20x40", :escape => false + expected = %(<textarea cols="20" id="body" name="body" rows="40"><b>hello world</b></textarea>) + assert_dom_equal expected, actual + end + def test_text_field_tag actual = text_field_tag "title", "Hello!" expected = %(<input id="title" name="title" type="text" value="Hello!" />) |