From f44db45c87561dca3f29555132504a4cbf19857e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jos=C3=A9=20Valim?=
Date: Thu, 16 Jun 2011 17:04:31 -0300
Subject: safe_concat should not work on dirty buffers.
---
 .../lib/active_support/core_ext/string/output_safety.rb | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)
(limited to 'activesupport/lib/active_support/core_ext/string')
diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb
index c56ac16203..71f3879e49 100644
--- a/activesupport/lib/active_support/core_ext/string/output_safety.rb
+++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -77,10 +77,19 @@ module ActiveSupport #:nodoc:
 class SafeBuffer < String
 UNSAFE_STRING_METHODS = ["capitalize", "chomp", "chop", "delete", "downcase", "gsub", "lstrip", "next", "reverse", "rstrip", "slice", "squeeze", "strip", "sub", "succ", "swapcase", "tr", "tr_s", "upcase"].freeze
 
- # TODO: Should safe_concat check if the current buffer is dirty or not?
- # We should probably raise as it would mean we are adding concatenating
- # to something that is safe but it actually isn't.
- alias safe_concat concat
+ alias_method :original_concat, :concat
+ private :original_concat
+
+ class SafeConcatError < StandardError
+ def initialize
+ super "Could not concatenate to the buffer because it is not html safe."
+ end
+ end
+
+ def safe_concat(value)
+ raise SafeConcatError if dirty?
+ original_concat(value)
+ end
 
 def initialize(*)
 @dirty = false
-- cgit v1.2.3
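Review bot: The new `safe_concat` carries no comment stating its contract, and that contract is security-relevant: the `dirty?` guard checks only the receiver, while `value` still goes through `original_concat`, which at this point in the class body is the inherited `String#concat` and therefore appends without escaping. I would add above the method `# Appends value as-is, without escaping; the caller must ensure value is HTML-safe. Raises SafeConcatError if this buffer is dirty.` Separately, `SafeConcatError#initialize` takes no arguments, so `raise SafeConcatError, "context"` would fail with an ArgumentError instead of the intended error; `def initialize(msg = "Could not concatenate to the buffer because it is not html safe.")` with `super(msg)` keeps the default and accepts a message. `dirty?` and the rest of `SafeBuffer` lie outside the hunk, so how the flag gets set is not visible here.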