diff options
| author | Frederick Cheung <frederick.cheung@gmail.com> | 2008-05-17 19:12:36 +0100 |
|---|---|---|
| committer | Pratik Naik <pratiknaik@gmail.com> | 2008-05-19 10:30:56 +0100 |
| commit | 17d1319c480e58e28641b243da50ae5e5eab89dc (patch) | |
| tree | 511ad2ba892080ec6bd05b9e3659dd326bb18906 /actionpack | |
| parent | c1c1d6c2ea72424dfae0b5ee1991d904dcf0f252 (diff) | |
| download | rails-17d1319c480e58e28641b243da50ae5e5eab89dc.tar.gz rails-17d1319c480e58e28641b243da50ae5e5eab89dc.tar.bz2 rails-17d1319c480e58e28641b243da50ae5e5eab89dc.zip | |
Ensure observe_field encodes value parameter. [#216 state:resolved]
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/lib/action_view/helpers/prototype_helper.rb | 2 | ||||
| -rw-r--r-- | actionpack/test/template/prototype_helper_test.rb | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/actionpack/lib/action_view/helpers/prototype_helper.rb b/actionpack/lib/action_view/helpers/prototype_helper.rb index 1a0e660d52..04bf5f2a30 100644 --- a/actionpack/lib/action_view/helpers/prototype_helper.rb +++ b/actionpack/lib/action_view/helpers/prototype_helper.rb @@ -1068,7 +1068,7 @@ module ActionView def build_observer(klass, name, options = {}) if options[:with] && (options[:with] !~ /[\{=(.]/) - options[:with] = "'#{options[:with]}=' + value" + options[:with] = "'#{options[:with]}=' + encodeURIComponent(value)" else options[:with] ||= 'value' unless options[:function] end diff --git a/actionpack/test/template/prototype_helper_test.rb b/actionpack/test/template/prototype_helper_test.rb index 9a1079b297..5e00eadb8d 100644 --- a/actionpack/test/template/prototype_helper_test.rb +++ b/actionpack/test/template/prototype_helper_test.rb @@ -219,9 +219,9 @@ class PrototypeHelperTest < PrototypeHelperBaseTest end def test_observe_field_using_with_option - expected = %(<script type=\"text/javascript\">\n//<![CDATA[\nnew Form.Element.Observer('glass', 300, function(element, value) {new Ajax.Request('http://www.example.com/check_value', {asynchronous:true, evalScripts:true, parameters:'id=' + value})})\n//]]>\n</script>) + expected = %(<script type=\"text/javascript\">\n//<![CDATA[\nnew Form.Element.Observer('glass', 300, function(element, value) {new Ajax.Request('http://www.example.com/check_value', {asynchronous:true, evalScripts:true, parameters:'id=' + encodeURIComponent(value)})})\n//]]>\n</script>) assert_dom_equal expected, observe_field("glass", :frequency => 5.minutes, :url => { :action => "check_value" }, :with => 'id') - assert_dom_equal expected, observe_field("glass", :frequency => 5.minutes, :url => { :action => "check_value" }, :with => "'id=' + value") + assert_dom_equal expected, observe_field("glass", :frequency => 5.minutes, :url => { :action => "check_value" }, :with => "'id=' + encodeURIComponent(value)") end def test_observe_field_using_json_in_with_option |