aboutsummaryrefslogtreecommitdiffstats
path: root/activesupport/lib/active_support/core_ext/string
diff options
context:
space:
mode:
authorJosé Valim <jose.valim@gmail.com>2011-09-08 01:26:55 -0700
committerJosé Valim <jose.valim@gmail.com>2011-09-08 01:26:55 -0700
commitb4a6e2f8442ceda118367f9a61c38af754be1cbf (patch)
tree81a0710cb8f3ddd4a2b77d894b021f777f429a8e /activesupport/lib/active_support/core_ext/string
parente1b500ec96987de595da1541a73a7d5fb9eece9c (diff)
parent3718ccd2a61c2c189913bcfd487912f592fa0660 (diff)
downloadrails-b4a6e2f8442ceda118367f9a61c38af754be1cbf.tar.gz
rails-b4a6e2f8442ceda118367f9a61c38af754be1cbf.tar.bz2
rails-b4a6e2f8442ceda118367f9a61c38af754be1cbf.zip
Merge pull request #2248 from dmathieu/safe_gsub
make gsub and sub unavailable in SafeBuffers - Closes #1555
Diffstat (limited to 'activesupport/lib/active_support/core_ext/string')
-rw-r--r--activesupport/lib/active_support/core_ext/string/output_safety.rb19
1 files changed, 16 insertions, 3 deletions
diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb
index f111c8e5a3..24b617578f 100644
--- a/activesupport/lib/active_support/core_ext/string/output_safety.rb
+++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -75,7 +75,8 @@ end
module ActiveSupport #:nodoc:
class SafeBuffer < String
- UNSAFE_STRING_METHODS = ["capitalize", "chomp", "chop", "delete", "downcase", "gsub", "lstrip", "next", "reverse", "rstrip", "slice", "squeeze", "strip", "sub", "succ", "swapcase", "tr", "tr_s", "upcase"].freeze
+ UNSAFE_STRING_METHODS = ["capitalize", "chomp", "chop", "delete", "downcase", "lstrip", "next", "reverse", "rstrip", "slice", "squeeze", "strip", "succ", "swapcase", "tr", "tr_s", "upcase"].freeze
+ UNAVAILABLE_STRING_METHODS = ["gsub", "sub"]
alias_method :original_concat, :concat
private :original_concat
@@ -143,17 +144,29 @@ module ActiveSupport #:nodoc:
UNSAFE_STRING_METHODS.each do |unsafe_method|
class_eval <<-EOT, __FILE__, __LINE__
- def #{unsafe_method}(*args, &block) # def gsub(*args, &block)
+ def #{unsafe_method}(*args, &block) # def capitalize(*args, &block)
to_str.#{unsafe_method}(*args, &block) # to_str.gsub(*args, &block)
end # end
- def #{unsafe_method}!(*args) # def gsub!(*args)
+ def #{unsafe_method}!(*args) # def capitalize!(*args)
@dirty = true # @dirty = true
super # super
end # end
EOT
end
+ UNAVAILABLE_STRING_METHODS.each do |unavailable_method|
+ class_eval <<-EOT, __FILE__, __LINE__
+ def #{unavailable_method}(*args) # def gsub(*args)
+ raise NoMethodError, "#{unavailable_method} cannot be used with a Safe Buffer object. You should use object.to_str.#{unavailable_method}"
+ end # end
+
+ def #{unavailable_method}!(*args) # def gsub!(*args)
+ raise NoMethodError, "#{unavailable_method} cannot be used with a Safe Buffer object. You should use object.to_str.#{unavailable_method}"
+ end # end
+ EOT
+ end
+
protected
def dirty?
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-24 03:51:45 +0000