From cac2bb7f44a6b8e240034d1de89a41fe0dd9f0ec Mon Sep 17 00:00:00 2001 From: Kevin Deisz Date: Fri, 24 Aug 2018 16:13:57 -0400 Subject: Deprecate usage of ActionView::Template::Handlers::ERB::escape_whitelist --- actionview/lib/action_view/template/handlers/erb.rb | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'actionview') diff --git a/actionview/lib/action_view/template/handlers/erb.rb b/actionview/lib/action_view/template/handlers/erb.rb index b7b749f9da..93edef9c26 100644 --- a/actionview/lib/action_view/template/handlers/erb.rb +++ b/actionview/lib/action_view/template/handlers/erb.rb @@ -14,7 +14,17 @@ module ActionView class_attribute :erb_implementation, default: Erubi # Do not escape templates of these mime types. - class_attribute :escape_whitelist, default: ["text/plain"] + class_attribute :escape_permit_list, default: ["text/plain"] + + [self, singleton_class].each do |base| + base.alias_method :escape_whitelist, :escape_permit_list + base.alias_method :escape_whitelist=, :escape_permit_list= + + base.deprecate( + escape_whitelist: 'use #escape_permit_list instead', + :escape_whitelist= => 'use #escape_permit_list= instead' + ) + end ENCODING_TAG = Regexp.new("\\A(<%#{ENCODING_FLAG}-?%>)[ \\t]*") @@ -47,7 +57,7 @@ module ActionView self.class.erb_implementation.new( erb, - escape: (self.class.escape_whitelist.include? template.type), + escape: (self.class.escape_permit_list.include? template.type), trim: (self.class.erb_trim_mode == "-") ).src end -- cgit v1.2.3