From 97c5e6fa027d0ef9151172c193b1f61ee4c4c70a Mon Sep 17 00:00:00 2001 From: Timm Date: Fri, 16 Aug 2013 16:49:05 +0200 Subject: Changed: remove_xpaths called with String returns String, while called with Loofah fragment returns Loofah fragment. Added tests for this. --- .../lib/action_view/helpers/sanitize_helper/sanitizers.rb | 4 ++-- actionview/test/template/sanitizers_test.rb | 11 +++++++++++ 2 files changed, 13 insertions(+), 2 deletions(-) (limited to 'actionview') diff --git a/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb b/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb index c6bbf5e3f7..01ab9830f3 100644 --- a/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb +++ b/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb @@ -14,9 +14,9 @@ module ActionView def remove_xpaths(html, xpaths) if html.respond_to?(:xpath) xpaths.each { |xpath| html.xpath(xpath).remove } - html.to_s + html else - remove_xpaths(Loofah.fragment(html), xpaths) + remove_xpaths(Loofah.fragment(html), xpaths).to_s end end end diff --git a/actionview/test/template/sanitizers_test.rb b/actionview/test/template/sanitizers_test.rb index 825a3a1b75..8d2934caed 100644 --- a/actionview/test/template/sanitizers_test.rb +++ b/actionview/test/template/sanitizers_test.rb @@ -37,6 +37,17 @@ class SanitizersTest < ActionController::TestCase end end + def test_sanitizer_remove_xpaths_called_with_string_returns_string + sanitizer = ActionView::Sanitizer.new + assert '', sanitizer.remove_xpaths('', []) + end + + def test_sanitizer_remove_xpaths_called_with_fragment_returns_fragment + sanitizer = ActionView::Sanitizer.new + fragment = sanitizer.remove_xpaths(Loofah.fragment(''), []) + assert_kind_of Loofah::HTML::DocumentFragment, fragment + end + def test_strip_tags_with_quote sanitizer = ActionView::FullSanitizer.new string = '<" hi' -- cgit v1.2.3