Skip to content
This repository
Browse code

fixed to_xml_attributes to properly escape quotes in attribute values

  • Loading branch information...
commit 42f398eedab0b2d764dd31890807195ccacd1ef1 1 parent a1db3b4
Matthew McEachen authored committed

Showing 2 changed files with 9 additions and 8 deletions. Show diff stats Hide diff stats

  1. +2 2 lib/crack/core_extensions.rb
  2. +7 6 test/hash_test.rb
4 lib/crack/core_extensions.rb
@@ -122,7 +122,7 @@ def normalize_param(key, value)
122 122 # #=> 'one="1" two="TWO"'
123 123 def to_xml_attributes
124 124 map do |k,v|
125   - %{#{k.to_s.snake_case.sub(/^(.{1,1})/) { |m| m.downcase }}="#{v}"}
  125 + %{#{k.to_s.snake_case.sub(/^(.{1,1})/) { |m| m.downcase }}="#{v.to_s.gsub('"', '"')}"}
126 126 end.join(' ')
127 127 end
128   -end
  128 +end
13 test/hash_test.rb
@@ -3,16 +3,17 @@
3 3 class CrackTest < Test::Unit::TestCase
4 4 context "to_xml_attributes" do
5 5 setup do
6   - @hash = { :one => "ONE", "two" => "TWO" }
  6 + @hash = { :one => "ONE", "two" => "TWO", :three => "it \"should\" work" }
7 7 end
8 8
9   - should "should turn the hash into xml attributes" do
  9 + should "turn the hash into xml attributes" do
10 10 attrs = @hash.to_xml_attributes
11 11 attrs.should =~ /one="ONE"/m
12 12 attrs.should =~ /two="TWO"/m
  13 + attrs.should =~ /three="it &quot;should&quot; work"/m
13 14 end
14 15
15   - should 'should preserve _ in hash keys' do
  16 + should 'preserve _ in hash keys' do
16 17 attrs = {
17 18 :some_long_attribute => "with short value",
18 19 :crash => :burn,
@@ -38,7 +39,7 @@ class CrackTest < Test::Unit::TestCase
38 39 end
39 40 end
40 41
41   - should 'should not leave a trailing &' do
  42 + should 'not leave a trailing &' do
42 43 {
43 44 :name => 'Bob',
44 45 :address => {
@@ -49,8 +50,8 @@ class CrackTest < Test::Unit::TestCase
49 50 }.to_params.should_not =~ /&$/
50 51 end
51 52
52   - should 'should URL encode unsafe characters' do
  53 + should 'URL encode unsafe characters' do
53 54 {:q => "?&\" +"}.to_params.should == "q=%3F%26%22%20%2B"
54 55 end
55 56 end
56   -end
  57 +end

0 comments on commit 42f398e

Please sign in to comment.
Something went wrong with that request. Please try again.