diff options
author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2012-08-02 17:28:19 -0300 |
---|---|---|
committer | Santiago Pastorino <santiago@wyeworks.com> | 2012-08-02 17:32:44 -0300 |
commit | ebddf75097785fca450d91c5d7b3fff7db8d2a5c (patch) | |
tree | ab05046bf2020bb14b2e5b18c9ebf4b432693b1e /activesupport/lib/active_support | |
parent | 28f2c6f4037081da0a82104a3f473165ed4ed2ce (diff) | |
download | rails-ebddf75097785fca450d91c5d7b3fff7db8d2a5c.tar.gz rails-ebddf75097785fca450d91c5d7b3fff7db8d2a5c.tar.bz2 rails-ebddf75097785fca450d91c5d7b3fff7db8d2a5c.zip |
Fix html_escape with Ruby 1.8
Diffstat (limited to 'activesupport/lib/active_support')
-rw-r--r-- | activesupport/lib/active_support/core_ext/string/output_safety.rb | 41 |
1 files changed, 26 insertions, 15 deletions
diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb index c0bd821ea5..0984b25d6b 100644 --- a/activesupport/lib/active_support/core_ext/string/output_safety.rb +++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb @@ -6,21 +6,32 @@ class ERB HTML_ESCAPE = { '&' => '&', '>' => '>', '<' => '<', '"' => '"', "'" => ''' } JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' } - # A utility method for escaping HTML tag characters. - # This method is also aliased as <tt>h</tt>. - # - # In your ERB templates, use this method to escape any unsafe content. For example: - # <%=h @person.name %> - # - # ==== Example: - # puts html_escape("is a > 0 & a < 10?") - # # => is a > 0 & a < 10? - def html_escape(s) - s = s.to_s - if s.html_safe? - s - else - s.gsub(/[&"'><]/, HTML_ESCAPE).html_safe + if RUBY_VERSION >= '1.9' + # A utility method for escaping HTML tag characters. + # This method is also aliased as <tt>h</tt>. + # + # In your ERB templates, use this method to escape any unsafe content. For example: + # <%=h @person.name %> + # + # ==== Example: + # puts html_escape("is a > 0 & a < 10?") + # # => is a > 0 & a < 10? + def html_escape(s) + s = s.to_s + if s.html_safe? + s + else + s.gsub(/[&"'><]/, HTML_ESCAPE).html_safe + end + end + else + def html_escape(s) #:nodoc: + s = s.to_s + if s.html_safe? + s + else + s.gsub(/[&"'><]/n) { |special| HTML_ESCAPE[special] }.html_safe + end end end |