Commit 53c794720adfb146c5a161485e95417833b82ec9 to manveru's ramaze

manveru / ramaze

Run the following if you haven't already:

gem sources -a http://gems.github.com

Install the gem(s):

sudo gem install manveru-ramaze

Description:	Ramaze is a simple, light and modular open-source web application framework written in Ruby.
Homepage:	http://ramaze.net
Clone URL:	git://github.com/manveru/ramaze.git Give this clone URL to anyone. `git clone git://github.com/manveru/ramaze.git`

Click here to lend your support to: ramaze and make a donation at www.pledgie.com !

Only escape # with h() where needed

manveru (author)

Mon Jul 21 02:27:46 -0700 2008

commit 53c794720adfb146c5a161485e95417833b82ec9
tree 2102c1df5bb59dcaa897957de99c50b168dffb53
parent f89652a95d2417d88fabcb77a143522235af0d79

lib/ramaze/helper/cgi.rb

lib/ramaze/helper/cgi.rb

0
@@ -29,7 +29,7 @@ module Ramaze
0
 
0
     # safely escape all HTML and code
0
     def h(string)
0
-      Rack::Utils.escape_html(string).gsub(/#/, '&#35;')
0
+      Rack::Utils.escape_html(string).gsub(/#([{@$]@?)/, '&#35;\1')
0
     end
0
 
0
     # one-letter versions help in case like #{h foo.inspect}

Comments

No one has commented yet.