From 9d6e502f81bcf56c7da8a7d1f9e433b4e0a7e3e9 Mon Sep 17 00:00:00 2001
From: Jeremy Kemper <jeremy@bitsweat.net>
Date: Mon, 3 Dec 2012 10:30:58 -0700
Subject: Override <%== to always behave as literal text rather than toggling
 based on whether escaping is enabled. Fixes that existing plaintext email
 templates using <%== unexpectedly flipped to *escaping* HTML when #8235 was
 merged.

Conflicts:
	actionpack/test/template/template_test.rb
---
 actionpack/lib/action_view/template/handlers/erb.rb | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'actionpack/lib/action_view/template')

diff --git a/actionpack/lib/action_view/template/handlers/erb.rb b/actionpack/lib/action_view/template/handlers/erb.rb
index 6cc6a8f8ed..118b18a81c 100644
--- a/actionpack/lib/action_view/template/handlers/erb.rb
+++ b/actionpack/lib/action_view/template/handlers/erb.rb
@@ -15,6 +15,17 @@ module ActionView
           src << "@output_buffer.safe_concat('" << escape_text(text) << "');"
         end
 
+        # Erubis toggles <%= and <%== behavior when escaping is enabled.
+        # We override to always treat <%== as escaped.
+        def add_expr(src, code, indicator)
+          case indicator
+          when '=='
+            add_expr_escaped(src, code)
+          else
+            super
+          end
+        end
+
         BLOCK_EXPR = /\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/
 
         def add_expr_literal(src, code)
-- 
cgit v1.2.3