Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

HTML escaping in the 2.3 stable branch #10

Open
wants to merge 2 commits into from

1 participant

@vjt
vjt commented

Hello, these changes remove escaping of HTML characters from exception e-mails in the 2.3 branch.

Please apply :-).

vjt added some commits
@vjt vjt All output is raw (cherry picked from commit d68b14b)
Conflicts:

	lib/exception_notifier/views/exception_notifier/_environment.html.erb
	lib/exception_notifier/views/exception_notifier/_request.html.erb
	lib/exception_notifier/views/exception_notifier/_session.html.erb
	lib/exception_notifier/views/exception_notifier/exception_notification.html.erb
aea0809
@vjt vjt Removed logging of section rendering, made titles work 48c77db
@bishopandco bishopandco referenced this pull request from a commit in theablefew/exception_notification
@smartinez87 smartinez87 No longer needed, bug #10 fixed. 69f6a9f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Nov 3, 2010
  1. @vjt

    All output is raw (cherry picked from commit d68b14b)

    vjt authored
    Conflicts:
    
    	lib/exception_notifier/views/exception_notifier/_environment.html.erb
    	lib/exception_notifier/views/exception_notifier/_request.html.erb
    	lib/exception_notifier/views/exception_notifier/_session.html.erb
    	lib/exception_notifier/views/exception_notifier/exception_notification.html.erb
  2. @vjt
This page is out of date. Refresh to see the latest.
View
3  lib/exception_notification/notifier_helper.rb
@@ -24,10 +24,9 @@ module ExceptionNotification::NotifierHelper
PARAM_FILTER_REPLACEMENT = "[FILTERED]"
def render_section(section)
- RAILS_DEFAULT_LOGGER.info("rendering section #{section.inspect}")
summary = render("exception_notifier/#{section}").strip
unless summary.blank?
- title = render("exception_notifier/title", :locals => { :title => section }).strip
+ title = render("exception_notifier/title", :title => section).strip
"#{title}\n\n#{summary.gsub(/^/, " ")}\n\n"
end
end
View
2  views/exception_notifier/_backtrace.rhtml
@@ -1 +1 @@
-<%= @backtrace.join "\n" %>
+<%=raw @backtrace.join "\n" %>
View
6 views/exception_notifier/_environment.rhtml
@@ -1,7 +1,7 @@
<% max = @request.env.keys.max { |a,b| a.length <=> b.length } -%>
<% @request.env.keys.sort.each do |key| -%>
-* <%= "%-*s: %s" % [max.length, key, filter_sensitive_post_data_from_env(key, @request.env[key].to_s.strip)] %>
+* <%=raw "%-*s: %s" % [max.length, key, filter_sensitive_post_data_from_env(key, @request.env[key].to_s.strip)] %>
<% end -%>
-* Process: <%= $$ %>
-* Server : <%= `hostname -s`.chomp %>
+* Process: <%=raw $$ %>
+* Server : <%=raw `hostname -s`.chomp %>
View
8 views/exception_notifier/_request.rhtml
@@ -1,4 +1,4 @@
-* URL : <%= @request.protocol %><%= @host %><%= @request.request_uri %>
-* IP address: <%= @request.env["HTTP_X_FORWARDED_FOR"] || @request.env["REMOTE_ADDR"] %>
-* Parameters: <%= filter_sensitive_post_data_parameters(@request.parameters).inspect %>
-* Rails root: <%= @rails_root %>
+* URL : <%=raw @request.url %>
+* IP address: <%=raw @request.remote_ip %>
+* Parameters: <%=raw filter_sensitive_post_data_parameters(@request.parameters).inspect %>
+* Rails root: <%=raw Rails.root %>
View
4 views/exception_notifier/_session.rhtml
@@ -1,2 +1,2 @@
-* session id: <%= @request.session_options[:id] %>
-* data: <%= @request.session.inspect %>
+* session id: <%=raw @request.session_options[:id] %>
+* data: <%=raw PP.pp @request.session.inspect.gsub(/\n/, "\n ").strip.html_safe %>
View
2  views/exception_notifier/_title.rhtml
@@ -1,3 +1,3 @@
-------------------------------
-<%= title.to_s.humanize %>:
+<%=raw title.to_s.humanize %>:
-------------------------------
View
6 views/exception_notifier/exception_notification.rhtml
@@ -1,6 +1,6 @@
A <%= @exception.class %> occurred <%= @exception_source %>:
- <%= @exception.message %>
- <%= @backtrace.first %>
+ <%=raw @exception.message %>
+ <%=raw @backtrace.first %>
-<%= @sections.map { |section| render_section(section) }.join %>
+<%=raw @sections.map { |section| render_section(section) }.join %>
Something went wrong with that request. Please try again.