diff options
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/actionpack.gemspec | 3 | ||||
| -rw-r--r-- | actionpack/lib/abstract_controller/layouts.rb | 3 | ||||
| -rw-r--r-- | actionpack/lib/action_view/renderer/partial_renderer.rb | 5 | ||||
| -rw-r--r-- | actionpack/test/fixtures/test/_200.html.erb | 1 | ||||
| -rw-r--r-- | actionpack/test/template/render_test.rb | 9 | ||||
| -rw-r--r-- | actionpack/test/template/url_helper_test.rb | 8 |
6 files changed, 25 insertions, 4 deletions
diff --git a/actionpack/actionpack.gemspec b/actionpack/actionpack.gemspec index 88d892eb16..15d104fd82 100644 --- a/actionpack/actionpack.gemspec +++ b/actionpack/actionpack.gemspec @@ -25,6 +25,7 @@ Gem::Specification.new do |s| s.add_dependency('rack-test', '~> 0.6.0') s.add_dependency('rack-mount', '~> 0.8.1') s.add_dependency('sprockets', '= 2.0.0.beta.10') - s.add_dependency('tzinfo', '~> 0.3.29') s.add_dependency('erubis', '~> 2.7.0') + + s.add_development_dependency('tzinfo', '~> 0.3.29') end diff --git a/actionpack/lib/abstract_controller/layouts.rb b/actionpack/lib/abstract_controller/layouts.rb index d6f75bded0..10aa34c76b 100644 --- a/actionpack/lib/abstract_controller/layouts.rb +++ b/actionpack/lib/abstract_controller/layouts.rb @@ -139,7 +139,7 @@ module AbstractController # # end # - # This will assign "weblog_standard" as the WeblogController's layout for all actions except for the +rss+ action, which will + # This will assign "weblog_standard" as the WeblogController's layout for all actions except for the +rss+ action, which will # be rendered directly, without wrapping a layout around the rendered view. # # Both the <tt>:only</tt> and <tt>:except</tt> condition can accept an arbitrary number of method references, so @@ -167,6 +167,7 @@ module AbstractController included do class_attribute :_layout_conditions + remove_possible_method :_layout_conditions delegate :_layout_conditions, :to => :'self.class' self._layout_conditions = {} _write_layout_method diff --git a/actionpack/lib/action_view/renderer/partial_renderer.rb b/actionpack/lib/action_view/renderer/partial_renderer.rb index a351fbc04f..24df3af0e4 100644 --- a/actionpack/lib/action_view/renderer/partial_renderer.rb +++ b/actionpack/lib/action_view/renderer/partial_renderer.rb @@ -300,6 +300,11 @@ module ActionView else paths.map! { |path| retrieve_variable(path).unshift(path) } end + if String === partial && @variable.to_s !~ /^[a-z_][a-zA-Z_0-9]*$/ + raise ArgumentError.new("The partial name (#{partial}) is not a valid Ruby identifier; " + + "make sure your partial name starts with a letter or underscore, " + + "and is followed by any combinations of letters, numbers, or underscores.") + end self end diff --git a/actionpack/test/fixtures/test/_200.html.erb b/actionpack/test/fixtures/test/_200.html.erb new file mode 100644 index 0000000000..c9f45675dc --- /dev/null +++ b/actionpack/test/fixtures/test/_200.html.erb @@ -0,0 +1 @@ +<h1>Invalid partial</h1> diff --git a/actionpack/test/template/render_test.rb b/actionpack/test/template/render_test.rb index 4187a0ac78..68b2ed45d1 100644 --- a/actionpack/test/template/render_test.rb +++ b/actionpack/test/template/render_test.rb @@ -98,6 +98,15 @@ module RenderTestCases assert_equal "only partial", @view.render("test/partial_only", :counter_counter => 5) end + def test_render_partial_with_invalid_name + @view.render(:partial => "test/200") + flunk "Render did not raise ArgumentError" + rescue ArgumentError => e + assert_equal "The partial name (test/200) is not a valid Ruby identifier; " + + "make sure your partial name starts with a letter or underscore, " + + "and is followed by any combinations of letters, numbers, or underscores.", e.message + end + def test_render_partial_with_errors @view.render(:partial => "test/raise") flunk "Render did not raise Template::Error" diff --git a/actionpack/test/template/url_helper_test.rb b/actionpack/test/template/url_helper_test.rb index a70c02a429..78245c1f95 100644 --- a/actionpack/test/template/url_helper_test.rb +++ b/actionpack/test/template/url_helper_test.rb @@ -386,13 +386,11 @@ class UrlHelperTest < ActiveSupport::TestCase def test_mail_to_with_javascript snippet = mail_to("me@domain.com", "My email", :encode => "javascript") assert_dom_equal "<script type=\"text/javascript\">eval(decodeURIComponent('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%61%20%68%72%65%66%3d%5c%22%6d%61%69%6c%74%6f%3a%6d%65%40%64%6f%6d%61%69%6e%2e%63%6f%6d%5c%22%3e%4d%79%20%65%6d%61%69%6c%3c%5c%2f%61%3e%27%29%3b'))</script>", snippet - assert snippet.html_safe? end def test_mail_to_with_javascript_unicode snippet = mail_to("unicode@example.com", "Ășnicode", :encode => "javascript") assert_dom_equal "<script type=\"text/javascript\">eval(decodeURIComponent('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%61%20%68%72%65%66%3d%5c%22%6d%61%69%6c%74%6f%3a%75%6e%69%63%6f%64%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%5c%22%3e%c3%ba%6e%69%63%6f%64%65%3c%5c%2f%61%3e%27%29%3b'))</script>", snippet - assert snippet.html_safe end def test_mail_with_options @@ -421,6 +419,12 @@ class UrlHelperTest < ActiveSupport::TestCase assert_dom_equal "<script type=\"text/javascript\">eval(decodeURIComponent('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%61%20%68%72%65%66%3d%5c%22%6d%61%69%6c%74%6f%3a%6d%65%40%64%6f%6d%61%69%6e%2e%63%6f%6d%5c%22%3e%6d%65%28%61%74%29%64%6f%6d%61%69%6e%28%64%6f%74%29%63%6f%6d%3c%5c%2f%61%3e%27%29%3b'))</script>", mail_to("me@domain.com", nil, :encode => "javascript", :replace_at => "(at)", :replace_dot => "(dot)") end + def test_mail_to_returns_html_safe_string + assert mail_to("david@loudthinking.com").html_safe? + assert mail_to("me@domain.com", "My email", :encode => "javascript").html_safe? + assert mail_to("me@domain.com", "My email", :encode => "hex").html_safe? + end + # TODO: button_to looks at this ... why? def protect_against_forgery? false |