Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Don't html-escape the :count option to translate if it's a Numeric. F…

…ixes #3685.

Conflicts:

	actionpack/CHANGELOG.md

Conflicts:

	actionpack/CHANGELOG.md
  • Loading branch information...
commit 13ad87971cc16ebc5c286b484821e2cb0fc3e3b1 1 parent 618300e
@jonleighton jonleighton authored
View
7 actionpack/CHANGELOG
@@ -1,3 +1,10 @@
+*Rails 3.0.12 (unreleased)*
+
+* Fix using `tranlate` helper with a html translation which uses the `:count` option for

Guess there is a typo here: translate.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
+ pluralization.
+
+ *Jon Leighton*
+
*Rails 3.0.11 (unreleased)*
* Fix XSS security vulnerability in the `translate` helper method. When using interpolation
View
4 actionpack/lib/action_view/helpers/translation_helper.rb
@@ -48,7 +48,9 @@ def translate(key, options = {})
if html_safe_translation_key?(key)
html_safe_options = options.dup
options.except(*I18n::RESERVED_KEYS).each do |name, value|
- html_safe_options[name] = ERB::Util.html_escape(value.to_s)
+ unless name == :count && value.is_a?(Numeric)
+ html_safe_options[name] = ERB::Util.html_escape(value.to_s)
+ end
end
translation = I18n.translate(scope_key_by_partial(key), html_safe_options)
View
12 actionpack/test/template/translation_helper_test.rb
@@ -19,7 +19,11 @@ def setup
:hello_html => '<a>Hello World</a>',
:interpolated_html => '<a>Hello %{word}</a>',
:array_html => %w(foo bar),
- :array => %w(foo bar)
+ :array => %w(foo bar),
+ :count_html => {
+ :one => '<a>One %{count}</a>',
+ :other => '<a>Other %{count}</a>'
+ }
}
)
@view = ::ActionView::Base.new(ActionController::Base.view_paths, {})
@@ -89,6 +93,12 @@ def test_translate_escapes_interpolations_in_translations_with_a_html_suffix
assert_equal '<a>Hello &lt;World&gt;</a>', translate(:'translations.interpolated_html', :word => stub(:to_s => "<World>"))
end
+ def test_translate_with_html_count
+ assert_equal '<a>One 1</a>', translate(:'translations.count_html', :count => 1)
+ assert_equal '<a>Other 2</a>', translate(:'translations.count_html', :count => 2)
+ assert_equal '<a>Other &lt;One&gt;</a>', translate(:'translations.count_html', :count => '<One>')
+ end
+
def test_translation_returning_an_array_ignores_html_suffix
assert_equal ["foo", "bar"], translate(:'translations.array_html')
end
Please sign in to comment.
Something went wrong with that request. Please try again.