Permalink
Browse files

ensuring that json_escape returns html safe strings when passed an ht…

…ml safe string
  • Loading branch information...
1 parent 84f71e4 commit 0b02284545dcbed7da40489e0db9bd49eca924b1 @tenderlove tenderlove committed Jun 9, 2011
View
10 actionpack/test/template/erb_util_test.rb
@@ -16,6 +16,16 @@ class ErbUtilTest < Test::Unit::TestCase
end
end
+ def test_json_escape_returns_unsafe_strings_when_passed_unsafe_strings
+ value = json_escape("asdf")
+ assert !value.html_safe?
+ end
+
+ def test_json_escape_returns_safe_strings_when_passed_safe_strings
+ value = json_escape("asdf".html_safe)
+ assert value.html_safe?
+ end
+
def test_html_escape_is_html_safe
escaped = h("<p>")
assert_equal "&lt;p&gt;", escaped
View
3 activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -51,7 +51,8 @@ def html_escape(s)
# <%=j @person.to_json %>
#
def json_escape(s)
- s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] }
+ result = s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] }
+ s.html_safe? ? result.html_safe : result
end
alias j json_escape

0 comments on commit 0b02284

Please sign in to comment.