[Haml] [html2haml] Make sure ERB attribute values are unescaped.

brandondrew · Oct 5, 2009 · bed9e6f · bed9e6f
1 parent dc96ffa
commit bed9e6f
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 1 deletion.
diff --git a/doc-src/HAML_CHANGELOG.md b/doc-src/HAML_CHANGELOG.md
@@ -3,6 +3,11 @@
 * Table of contents
 {:toc}
 
+## 2.2.7 (Unreleased)
+
+* Fixed an `html2haml` issue where ERB attribute values
+  weren't HTML-unescaped before being transformed into Haml.
+
 ## [2.2.6](http://github.com/nex3/haml/commit/2.2.6)
 
 * Made the error message when unable to load a dependency for html2haml

diff --git a/lib/haml/html.rb b/lib/haml/html.rb
@@ -202,7 +202,7 @@ def dynamic_attributes
             full_match = nil
             ruby_value = value.gsub(%r{<haml:loud>\s*(.+?)\s*</haml:loud>}) do
               full_match = $`.empty? && $'.empty?
-              full_match ? $1: "\#{#{$1}}"
+              CGI.unescapeHTML(full_match ? $1: "\#{#{$1}}")
             end
             next if ruby_value == value
             [name, full_match ? ruby_value : %("#{ruby_value}")]

diff --git a/test/haml/html2haml_test.rb b/test/haml/html2haml_test.rb
@@ -64,6 +64,11 @@ def test_rhtml_in_attribute_with_trailing_content
       render_rhtml(%Q{<div class="<%= 12 %>!">Bang!</div>})
   end
 
+  def test_rhtml_in_html_escaped_attribute
+    assert_equal %(%div{ :class => "foo" }\n  Bang!),
+      render_rhtml(%Q{<div class="<%= "foo" %>">Bang!</div>})
+  end
+
   def test_rhtml_in_attribute_to_multiple_interpolations
     assert_equal %(%div{ :class => "\#{12} + \#{13}" }\n  Math is super),
       render_rhtml(%Q{<div class="<%= 12 %> + <%= 13 %>">Math is super</div>})