author | Aaron Patterson <aaron.patterson@gmail.com> | 2012-03-01 09:05:34 -0800 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2012-03-01 09:05:34 -0800 |
commit | c60c1c0812d5eb55e7024db350f8bc5b6729f7fe (patch) | |
tree | 8665043df7d6705bc5cc41daf59fc2041126ff41 /activesupport/lib | |
parent | ecff25cda6917a07c7bcb4ed0865c75d16164306 (diff) | |
parent | 55ac1b9d889ddfdeaa3d6eb9389d3cc7695b8e07 (diff) | |
Merge branch '3-2-stable-security' into 3-2-2
* 3-2-stable-security:
Ensure [] respects the status of the buffer.
delete vulnerable AS::SafeBuffer#[]
use AS::SafeBuffer#clone_empty for flushing the output_buffer
add AS::SafeBuffer#clone_empty
fix output safety issue with select options
Diffstat (limited to 'activesupport/lib')
-rw-r--r-- | activesupport/lib/active_support/core_ext/string/output_safety.rb | 38 |
1 files changed, 22 insertions, 16 deletions
diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb
index c6d861d124..4089b02d45 100644
--- a/activesupport/lib/active_support/core_ext/string/output_safety.rb
+++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -98,29 +98,41 @@ module ActiveSupport #:nodoc:
 end
 end
 
- def[](*args)
- new_safe_buffer = super
- new_safe_buffer.instance_eval { @dirty = false }
- new_safe_buffer
+ def [](*args)
+ return super if args.size < 2
+
+ if html_safe?
+ new_safe_buffer = super
+ new_safe_buffer.instance_eval { @html_safe = true }
+ new_safe_buffer
+ else
+ to_str[*args]
+ end
 end
 
 def safe_concat(value)
- raise SafeConcatError if dirty?
+ raise SafeConcatError unless html_safe?
 original_concat(value)
 end
 
 def initialize(*)
- @dirty = false
+ @html_safe = true
 super
 end
 
 def initialize_copy(other)
 super
- @dirty = other.dirty?
+ @html_safe = other.html_safe?
+ end
+
+ def clone_empty
+ new_safe_buffer = self[0, 0]
+ new_safe_buffer.instance_variable_set(:@dirty, @dirty)
+ new_safe_buffer
 end
 
 def concat(value)
- if dirty? || value.html_safe?
+ if !html_safe? || value.html_safe?
 super(value)
 else
 super(ERB::Util.h(value))
@@ -133,7 +145,7 @@ module ActiveSupport #:nodoc:
 end
 
 def html_safe?
- !dirty?
+ defined?(@html_safe) && @html_safe
 end
 
 def to_s
@@ -161,18 +173,12 @@ module ActiveSupport #:nodoc:
 end # end
 
 def #{unsafe_method}!(*args) # def capitalize!(*args)
- @dirty = true # @dirty = true
+ @html_safe = false # @html_safe = false
 super # super
 end # end
 EOT
 end
 end
-
- protected
-
- def dirty?
- @dirty
- end
 end
 end
 
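Review bot: The new `clone_empty` in the first hunk still copies `@dirty`, but after this commit nothing reads or writes that variable — every other site in these hunks switched to `@html_safe`, and `dirty?` is deleted in the last hunk — so the copied flag is dead state and the clone's safety status is whatever `self[0, 0]` happens to return. For a buffer whose `html_safe?` is false, the new `[]` falls through to `to_str[*args]`, which presumably yields a plain String rather than a SafeBuffer, so the "empty clone" of an unsafe output buffer would no longer be a SafeBuffer and subsequent `concat` calls on it would not go through the escaping path; for a safe buffer the `instance_variable_set` is a no-op. If the intent is an empty buffer carrying the same status (the merge message describes it as used for flushing the output_buffer), build it explicitly: `new_safe_buffer = self.class.new` followed by `new_safe_buffer.instance_variable_set(:@html_safe, html_safe?)`. A test asserting `clone_empty` on a buffer marked unsafe returns a SafeBuffer with `html_safe?` false would pin this.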