diff options
| -rw-r--r-- | actionpack/lib/action_view/helpers/text_helper.rb | 2 | ||||
| -rw-r--r-- | actionpack/test/template/text_helper_test.rb | 32 |
2 files changed, 33 insertions, 1 deletions
diff --git a/actionpack/lib/action_view/helpers/text_helper.rb b/actionpack/lib/action_view/helpers/text_helper.rb index 4c76e9642f..19f55143bf 100644 --- a/actionpack/lib/action_view/helpers/text_helper.rb +++ b/actionpack/lib/action_view/helpers/text_helper.rb @@ -275,7 +275,7 @@ module ActionView # textilize_without_paragraph("Visit the Rails website "here":http://www.rubyonrails.org/.) # # => "Visit the Rails website <a href="http://www.rubyonrails.org/">here</a>." def textilize_without_paragraph(text, *options) - textiled = textilize(text, options) + textiled = textilize(text, *options) if textiled[0..2] == "<p>" then textiled = textiled[3..-1] end if textiled[-4..-1] == "</p>" then textiled = textiled[0..-5] end return textiled diff --git a/actionpack/test/template/text_helper_test.rb b/actionpack/test/template/text_helper_test.rb index 9d7106b2e5..8c4711451e 100644 --- a/actionpack/test/template/text_helper_test.rb +++ b/actionpack/test/template/text_helper_test.rb @@ -693,5 +693,37 @@ class TextHelperTest < ActionView::TestCase def test_textilize_with_hard_breaks assert_equal("<p>This is one scary world.<br />\n True.</p>", textilize("This is one scary world.\n True.")) end + + def test_textilize_without_paragraph_should_be_html_safe + textilize_without_paragraph("*This is Textile!* Rejoice!").html_safe? + end + + def test_textilize_without_paragraph + assert_equal("<strong>This is Textile!</strong> Rejoice!", textilize_without_paragraph("*This is Textile!* Rejoice!")) + end + + def test_textilize_without_paragraph_with_blank + assert_equal("", textilize_without_paragraph("")) + end + + def test_textilize_without_paragraph_with_options + assert_equal("This is worded <strong>strongly</strong>", textilize_without_paragraph("This is worded <strong>strongly</strong>", :filter_html)) + end + + def test_textilize_without_paragraph_should_sanitize_unsafe_input + assert_equal("This is worded <strong>strongly</strong>", textilize_without_paragraph("This is worded <strong>strongly</strong><script>code!</script>")) + end + + def test_textilize_without_paragraph_should_not_sanitize_input_if_safe_option + assert_equal("This is worded <strong>strongly</strong><script>code!</script>", textilize_without_paragraph("This is worded <strong>strongly</strong><script>code!</script>", :safe)) + end + + def test_textilize_without_paragraph_should_not_sanitize_safe_input + assert_equal("This is worded <strong>strongly</strong><script>code!</script>", textilize_without_paragraph("This is worded <strong>strongly</strong><script>code!</script>".html_safe)) + end + + def test_textilize_without_paragraph_with_hard_breaks + assert_equal("This is one scary world.<br />\n True.", textilize_without_paragraph("This is one scary world.\n True.")) + end end end |