diff options
author | Damien Mathieu <42@dmathieu.com> | 2011-09-08 09:53:41 +0200 |
---|---|---|
committer | Damien Mathieu <42@dmathieu.com> | 2011-09-08 10:22:21 +0200 |
commit | e9f48cdcf482c5a878267a18fb9ed352f5f30dea (patch) | |
tree | f94a2c66545814c4536a0745b7b8026867d6b2ee /activesupport/lib/active_support/core_ext/string/output_safety.rb | |
parent | e1b500ec96987de595da1541a73a7d5fb9eece9c (diff) | |
download | rails-e9f48cdcf482c5a878267a18fb9ed352f5f30dea.tar.gz rails-e9f48cdcf482c5a878267a18fb9ed352f5f30dea.tar.bz2 rails-e9f48cdcf482c5a878267a18fb9ed352f5f30dea.zip |
make gsub and sub unavailable in SafeBuffers - Closes #1555
Diffstat (limited to 'activesupport/lib/active_support/core_ext/string/output_safety.rb')
-rw-r--r-- | activesupport/lib/active_support/core_ext/string/output_safety.rb | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb index f111c8e5a3..24b617578f 100644 --- a/activesupport/lib/active_support/core_ext/string/output_safety.rb +++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb @@ -75,7 +75,8 @@ end module ActiveSupport #:nodoc: class SafeBuffer < String - UNSAFE_STRING_METHODS = ["capitalize", "chomp", "chop", "delete", "downcase", "gsub", "lstrip", "next", "reverse", "rstrip", "slice", "squeeze", "strip", "sub", "succ", "swapcase", "tr", "tr_s", "upcase"].freeze + UNSAFE_STRING_METHODS = ["capitalize", "chomp", "chop", "delete", "downcase", "lstrip", "next", "reverse", "rstrip", "slice", "squeeze", "strip", "succ", "swapcase", "tr", "tr_s", "upcase"].freeze + UNAVAILABLE_STRING_METHODS = ["gsub", "sub"] alias_method :original_concat, :concat private :original_concat @@ -143,17 +144,29 @@ module ActiveSupport #:nodoc: UNSAFE_STRING_METHODS.each do |unsafe_method| class_eval <<-EOT, __FILE__, __LINE__ - def #{unsafe_method}(*args, &block) # def gsub(*args, &block) + def #{unsafe_method}(*args, &block) # def capitalize(*args, &block) to_str.#{unsafe_method}(*args, &block) # to_str.gsub(*args, &block) end # end - def #{unsafe_method}!(*args) # def gsub!(*args) + def #{unsafe_method}!(*args) # def capitalize!(*args) @dirty = true # @dirty = true super # super end # end EOT end + UNAVAILABLE_STRING_METHODS.each do |unavailable_method| + class_eval <<-EOT, __FILE__, __LINE__ + def #{unavailable_method}(*args) # def gsub(*args) + raise NoMethodError, "#{unavailable_method} cannot be used with a Safe Buffer object. You should use object.to_str.#{unavailable_method}" + end # end + + def #{unavailable_method}!(*args) # def gsub!(*args) + raise NoMethodError, "#{unavailable_method} cannot be used with a Safe Buffer object. You should use object.to_str.#{unavailable_method}" + end # end + EOT + end + protected def dirty? |