From b167248b21a8da63be871ec6815d117a8efa25f3 Mon Sep 17 00:00:00 2001
From: David Heinemeier Hansson <david@loudthinking.com>
Date: Mon, 9 May 2005 11:20:19 +0000
Subject: Fixed the HTML scanner used by assert_tag where a infinite loop could
 be caused by a stray less-than sign in the input #1270 [Jamis Buck]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@1297 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
---
 .../lib/action_controller/vendor/html-scanner/html/node.rb |  5 ++++-
 .../vendor/html-scanner/html/tokenizer.rb                  | 14 +++++++++++---
 2 files changed, 15 insertions(+), 4 deletions(-)

(limited to 'actionpack/lib/action_controller/vendor/html-scanner')

diff --git a/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb b/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb
index e6362655e8..edfc57d8b6 100644
--- a/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb
+++ b/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb
@@ -277,7 +277,10 @@ module HTML#:nodoc:
         "</#{@name}>"
       else
         s = "<#{@name}"
-        @attributes.each { |k,v| s << " #{k}='#{v.to_s.gsub(/'/,"\\\\'")}'" }
+        @attributes.each do |k,v|
+          s << " #{k}"
+          s << "='#{v.gsub(/'/,"\\\\'")}'" if String === v
+        end
         s << " /" if @closing == :self
         s << ">"
         @children.each { |child| s << child.to_s }
diff --git a/actionpack/lib/action_controller/vendor/html-scanner/html/tokenizer.rb b/actionpack/lib/action_controller/vendor/html-scanner/html/tokenizer.rb
index 45066319f5..ce49b9c7e0 100644
--- a/actionpack/lib/action_controller/vendor/html-scanner/html/tokenizer.rb
+++ b/actionpack/lib/action_controller/vendor/html-scanner/html/tokenizer.rb
@@ -63,7 +63,7 @@ module HTML#:nodoc:
 
       # Scan all text up to the next < character and return it.
       def scan_text
-        @scanner.scan(/[^<]*/)
+        @scanner.getch + (@scanner.scan(/[^<]*/) || "")
       end
       
       # Counts the number of newlines in the text and updates the current line
@@ -78,9 +78,17 @@ module HTML#:nodoc:
       def consume_quoted_regions
         text = ""
         loop do
-          match = @scanner.scan_until(/['">]/) or break
+          match = @scanner.scan_until(/['"<>]/) or break
+
+          delim = @scanner.matched
+          if delim == "<"
+            match = match.chop
+            @scanner.pos -= 1
+          end
+
           text << match
-          break if (delim = @scanner.matched) == ">"
+          break if delim == "<" || delim == ">"
+
           # consume the conqued region
           while match = @scanner.scan_until(/[\\#{delim}]/)
             text << match
-- 
cgit v1.2.3