Diffstat (limited to 'actionpack')
-rw-r--r-- | actionpack/lib/action_view/template_handlers/erb.rb | 2 | ||||
-rw-r--r-- | actionpack/test/template/erb_util_test.rb | 56 |
2 files changed, 57 insertions, 1 deletions
diff --git a/actionpack/lib/action_view/template_handlers/erb.rb b/actionpack/lib/action_view/template_handlers/erb.rb
index f1b800cb53..022fc362e7 100644
--- a/actionpack/lib/action_view/template_handlers/erb.rb
+++ b/actionpack/lib/action_view/template_handlers/erb.rb
@@ -5,7 +5,7 @@ class ERB
 HTML_ESCAPE = { '&' => '&', '"' => '"', '>' => '>', '<' => '<' }
 def html_escape(s)
- s.to_s.gsub(/[&\"><]/) { |special| HTML_ESCAPE[special] }
+ s.to_s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] }
 end
 end
 end
diff --git a/actionpack/test/template/erb_util_test.rb b/actionpack/test/template/erb_util_test.rb
new file mode 100644
index 0000000000..3aff987b22
--- /dev/null
+++ b/actionpack/test/template/erb_util_test.rb
@@ -0,0 +1,56 @@
+require "#{File.dirname(__FILE__)}/../abstract_unit"
+
+class ErbUtilTest < Test::Unit::TestCase
+ include ERB::Util
+
+ def test_amp
+ assert_equal '&', html_escape('&')
+ end
+
+ def test_quot
+ assert_equal '"', html_escape('"')
+ end
+
+ def test_lt
+ assert_equal '<', html_escape('<')
+ end
+
+ def test_gt
+ assert_equal '>', html_escape('>')
+ end
+
+ def test_rest_in_ascii
+ (0..127).to_a.map(&:chr).each do |chr|
+ next if %w(& " < >).include?(chr)
+ assert_equal chr, html_escape(chr)
+ end
+ end
+end
+require "#{File.dirname(__FILE__)}/../abstract_unit"
+
+class ErbUtilTest < Test::Unit::TestCase
+ include ERB::Util
+
+ def test_amp
+ assert_equal '&', html_escape('&')
+ end
+
+ def test_quot
+ assert_equal '"', html_escape('"')
+ end
+
+ def test_lt
+ assert_equal '<', html_escape('<')
+ end
+
+ def test_gt
+ assert_equal '>', html_escape('>')
+ end
+
+ def test_rest_in_ascii
+ (0..127).to_a.map(&:chr).each do |chr|
+ next if %w(& " < >).include?(chr)
+ assert_equal chr, html_escape(chr)
+ end
+ end
+end
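Review bot: The character class in `html_escape` in erb.rb (`/[&"><]/`) still leaves the single quote untouched, so a value interpolated into a single-quoted HTML attribute could end that attribute early; whether any template in this tree quotes attributes that way is not visible from this hunk. I would add the quote to both the table and the pattern, e.g. `"'" => '&#39;'` in `HTML_ESCAPE` and `s.to_s.gsub(/[&"'><]/) { |special| HTML_ESCAPE[special] }`. `test_rest_in_ascii` in erb_util_test.rb asserts that every ASCII character outside its skip list, `'` included, comes back unchanged, so that list would need the same addition. The enclosing `class ERB` starts above the hunk.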
\ No newline at end of file |
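Review bot: The new erb_util_test.rb holds the same 28-line body twice: the `require` line and `class ErbUtilTest < Test::Unit::TestCase` reappear directly after the first closing `end`, which accounts for the 56 added lines. The class is therefore reopened and each of the five test methods is redefined with an identical body, which adds no coverage and will let the two copies drift apart on later edits. This looks like the file content was written out twice; I would drop the second copy and end the file with a trailing newline.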