From 79b38c386ae3817df5321522ab9ea169c028de96 Mon Sep 17 00:00:00 2001 From: Andrew White Date: Sun, 20 May 2012 19:02:58 +0100 Subject: Escape the extension when normalizing the action cache path. Although no recognized formats use non-ASCII characters, sometimes they can be included in the :format parameter because of invalid URLS. To prevent encoding incompatibility errors we need to escape them before passing the path to URI.unescape. Closes #4379 --- actionpack/lib/action_controller/caching/actions.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'actionpack/lib') diff --git a/actionpack/lib/action_controller/caching/actions.rb b/actionpack/lib/action_controller/caching/actions.rb index 80901b8bf3..0238135bc1 100644 --- a/actionpack/lib/action_controller/caching/actions.rb +++ b/actionpack/lib/action_controller/caching/actions.rb @@ -47,7 +47,7 @@ module ActionController #:nodoc: # And you can also use :if (or :unless) to pass a # proc that specifies when the action should be cached. # - # As of Rails 3.0, you can also pass :expires_in with a time + # As of Rails 3.0, you can also pass :expires_in with a time # interval (in seconds) to schedule expiration of the cached item. # # The following example depicts some of the points made above: @@ -178,8 +178,9 @@ module ActionController #:nodoc: private def normalize!(path) + ext = URI.parser.escape(extension) if extension path << 'index' if path[-1] == ?/ - path << ".#{extension}" if extension and !path.split('?', 2).first.ends_with?(".#{extension}") + path << ".#{ext}" if extension and !path.split('?', 2).first.ends_with?(".#{ext}") URI.parser.unescape(path) end end -- cgit v1.2.3