diff options
| author | David Heinemeier Hansson <david@loudthinking.com> | 2008-05-01 17:56:32 -0500 |
|---|---|---|
| committer | David Heinemeier Hansson <david@loudthinking.com> | 2008-05-01 17:56:32 -0500 |
| commit | f6ec296ad84ac7e321980cfdd8bba2ea6ce3a14b (patch) | |
| tree | b6478394f9ac4e475892130cf3e128dfd48b82bb /actionpack | |
| parent | 12288a034120e8b1f90fcd4ae5881a858fd1425e (diff) | |
| download | rails-f6ec296ad84ac7e321980cfdd8bba2ea6ce3a14b.tar.gz rails-f6ec296ad84ac7e321980cfdd8bba2ea6ce3a14b.tar.bz2 rails-f6ec296ad84ac7e321980cfdd8bba2ea6ce3a14b.zip | |
Fixed that TextHelper#text_field would corrypt when raw HTML was used as the value (mchenryc, Kevin Glowacz) [#80 state:resolved]
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/CHANGELOG | 2 | ||||
| -rw-r--r-- | actionpack/lib/action_view/helpers/form_helper.rb | 1 | ||||
| -rw-r--r-- | actionpack/test/template/form_helper_test.rb | 16 |
3 files changed, 19 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index 65a5934bba..54030047ba 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,7 @@ *SVN* +* Fixed that TextHelper#text_field would corrypt when raw HTML was used as the value (mchenryc, Kevin Glowacz) [#80] + * Added ActionController::TestCase#rescue_action_in_public! to control whether the action under test should use the regular rescue_action path instead of simply raising the exception inline (great for error testing) [DHH] * Reduce number of instance variables being copied from controller to view. [Pratik] diff --git a/actionpack/lib/action_view/helpers/form_helper.rb b/actionpack/lib/action_view/helpers/form_helper.rb index 4459ccbce5..65f4fb6e45 100644 --- a/actionpack/lib/action_view/helpers/form_helper.rb +++ b/actionpack/lib/action_view/helpers/form_helper.rb @@ -486,6 +486,7 @@ module ActionView end options["type"] = field_type options["value"] ||= value_before_type_cast(object) unless field_type == "file" + options["value"] &&= html_escape(options["value"]) add_default_name_and_id(options) tag("input", options) end diff --git a/actionpack/test/template/form_helper_test.rb b/actionpack/test/template/form_helper_test.rb index b4857fcb62..204575fd89 100644 --- a/actionpack/test/template/form_helper_test.rb +++ b/actionpack/test/template/form_helper_test.rb @@ -104,6 +104,14 @@ class FormHelperTest < ActionView::TestCase ) end + def test_text_field_with_html_entities + @post.title = "The HTML Entity for & is &" + assert_dom_equal( + '<input id="post_title" name="post[title]" size="30" type="text" value="The HTML Entity for & is &amp;" />', + text_field("post", "title") + ) + end + def test_text_field_with_options expected = '<input id="post_title" name="post[title]" size="35" type="text" value="Hello World" />' assert_dom_equal expected, text_field("post", "title", "size" => 35) @@ -227,6 +235,14 @@ class FormHelperTest < ActionView::TestCase ) end + def test_text_area_with_html_entities + @post.body = "The HTML Entity for & is &" + assert_dom_equal( + '<textarea cols="40" id="post_body" name="post[body]" rows="20">The HTML Entity for & is &amp;</textarea>', + text_area("post", "body") + ) + end + def test_text_area_with_size_option assert_dom_equal( '<textarea cols="183" id="post_body" name="post[body]" rows="820">Back to the hill and over it again!</textarea>', |