diff options
author | José Valim <jose.valim@gmail.com> | 2011-05-07 03:44:19 -0700 |
---|---|---|
committer | José Valim <jose.valim@gmail.com> | 2011-05-07 03:44:19 -0700 |
commit | 0e886fe10e396bf4842c86de56f23d05c5d34eae (patch) | |
tree | c3ff698c56b7ad3cf7351da698e340d5e76f0c6c /actionpack | |
parent | aaf01cd53718c8aa5b69ac056b997e6dd9893777 (diff) | |
parent | 2adeaa9c90b7559387b55e7a24a7eb82671c88cc (diff) | |
download | rails-0e886fe10e396bf4842c86de56f23d05c5d34eae.tar.gz rails-0e886fe10e396bf4842c86de56f23d05c5d34eae.tar.bz2 rails-0e886fe10e396bf4842c86de56f23d05c5d34eae.zip |
Merge pull request #280 from jballanc/frozen-string-strip-tags
Stripping tags from a frozen string
Diffstat (limited to 'actionpack')
-rw-r--r-- | actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb | 2 | ||||
-rw-r--r-- | actionpack/test/template/html-scanner/sanitizer_test.rb | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb b/actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb index 09dd08898c..91a97c02ff 100644 --- a/actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb +++ b/actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb @@ -33,7 +33,7 @@ module HTML result = super # strip any comments, and if they have a newline at the end (ie. line with # only a comment) strip that too - result.gsub!(/<!--(.*?)-->[\n]?/m, "") if result + result = result.gsub(/<!--(.*?)-->[\n]?/m, "") if (result && result =~ /<!--(.*?)-->[\n]?/m) # Recurse - handle all dirty nested tags result == text ? result : sanitize(result, options) end diff --git a/actionpack/test/template/html-scanner/sanitizer_test.rb b/actionpack/test/template/html-scanner/sanitizer_test.rb index fcc3782f04..678cb9eeeb 100644 --- a/actionpack/test/template/html-scanner/sanitizer_test.rb +++ b/actionpack/test/template/html-scanner/sanitizer_test.rb @@ -20,6 +20,7 @@ class SanitizerTest < ActionController::TestCase assert_equal "This has a here.", sanitizer.sanitize("This has a <![CDATA[<section>]]> here.") assert_equal "This has an unclosed ", sanitizer.sanitize("This has an unclosed <![CDATA[<section>]] here...") [nil, '', ' '].each { |blank| assert_equal blank, sanitizer.sanitize(blank) } + assert_nothing_raised { sanitizer.sanitize("This is a frozen string with no tags".freeze) } end def test_strip_links |