diff options
| author | Prem Sichanugrist <s@sikachu.com> | 2011-06-08 01:51:48 -0400 |
|---|---|---|
| committer | Prem Sichanugrist <s@sikachu.com> | 2011-06-08 02:30:50 -0400 |
| commit | 9e2e24265510572a6574d38ba2af83fdf734ab54 (patch) | |
| tree | 13bf6d97872f413d2f64266af87f495ad5a77aef /actionpack | |
| parent | 07f2481e152502050f23834596efc76f4a208fc3 (diff) | |
| download | rails-9e2e24265510572a6574d38ba2af83fdf734ab54.tar.gz rails-9e2e24265510572a6574d38ba2af83fdf734ab54.tar.bz2 rails-9e2e24265510572a6574d38ba2af83fdf734ab54.zip | |
Add proper fix to `mail_to` helper.
* Fix the problem on manipulating on the `ActiveSupport::SafeBuffer`
* Make sure that we run `escape_javascript` on the `String`, to avoid unexpected behavior.
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/lib/action_view/helpers/url_helper.rb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/actionpack/lib/action_view/helpers/url_helper.rb b/actionpack/lib/action_view/helpers/url_helper.rb index 25411856cb..489b96856d 100644 --- a/actionpack/lib/action_view/helpers/url_helper.rb +++ b/actionpack/lib/action_view/helpers/url_helper.rb @@ -497,14 +497,14 @@ module ActionView }.compact extras = extras.empty? ? '' : '?' + ERB::Util.html_escape(extras.join('&')) - email_address_obfuscated = email_address.dup + email_address_obfuscated = email_address.to_str email_address_obfuscated.gsub!(/@/, html_options.delete("replace_at")) if html_options.key?("replace_at") email_address_obfuscated.gsub!(/\./, html_options.delete("replace_dot")) if html_options.key?("replace_dot") case encode when "javascript" string = '' html = content_tag("a", name || email_address_obfuscated.html_safe, html_options.merge("href" => "mailto:#{email_address}#{extras}".html_safe)) - html = escape_javascript(html) + html = escape_javascript(html.to_str) "document.write('#{html}');".each_byte do |c| string << sprintf("%%%x", c) end |