Skip to content
Browse files

Don't html-escape the :count option to translate if it's a Numeric. F…

…ixes #3685.
  • Loading branch information...
1 parent 86b5e81 commit 603a679e87d0317957eb44ce3928d593a0c50bb5 @jonleighton jonleighton committed
View
7 actionpack/CHANGELOG.md
@@ -62,6 +62,13 @@
persistent between requests so if you need to manipulate the environment
for your test you need to do it before the cookie jar is created.
+## Rails 3.1.3 (unreleased) ##
+
+* Fix using `tranlate` helper with a html translation which uses the `:count` option for
+ pluralization.
+
+ *Jon Leighton*
+
## Rails 3.1.2 (unreleased) ##
* Fix XSS security vulnerability in the `translate` helper method. When using interpolation
View
4 actionpack/lib/action_view/helpers/translation_helper.rb
@@ -48,7 +48,9 @@ def translate(key, options = {})
if html_safe_translation_key?(key)
html_safe_options = options.dup
options.except(*I18n::RESERVED_KEYS).each do |name, value|
- html_safe_options[name] = ERB::Util.html_escape(value.to_s)
+ unless name == :count && value.is_a?(Numeric)
+ html_safe_options[name] = ERB::Util.html_escape(value.to_s)
+ end
end
translation = I18n.translate(scope_key_by_partial(key), html_safe_options)
View
12 actionpack/test/template/translation_helper_test.rb
@@ -19,7 +19,11 @@ def setup
:hello_html => '<a>Hello World</a>',
:interpolated_html => '<a>Hello %{word}</a>',
:array_html => %w(foo bar),
- :array => %w(foo bar)
+ :array => %w(foo bar),
+ :count_html => {
+ :one => '<a>One %{count}</a>',
+ :other => '<a>Other %{count}</a>'
+ }
}
)
@view = ::ActionView::Base.new(ActionController::Base.view_paths, {})
@@ -89,6 +93,12 @@ def test_translate_escapes_interpolations_in_translations_with_a_html_suffix
assert_equal '<a>Hello &lt;World&gt;</a>', translate(:'translations.interpolated_html', :word => stub(:to_s => "<World>"))
end
+ def test_translate_with_html_count
+ assert_equal '<a>One 1</a>', translate(:'translations.count_html', :count => 1)
+ assert_equal '<a>Other 2</a>', translate(:'translations.count_html', :count => 2)
+ assert_equal '<a>Other &lt;One&gt;</a>', translate(:'translations.count_html', :count => '<One>')
+ end
+
def test_translation_returning_an_array_ignores_html_suffix
assert_equal ["foo", "bar"], translate(:'translations.array_html')
end

0 comments on commit 603a679

Please sign in to comment.
Something went wrong with that request. Please try again.