Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Add proper fix to `mail_to` helper.

* Fix the problem on manipulating on the `ActiveSupport::SafeBuffer`
* Make sure that we run `escape_javascript` on the `String`, to avoid unexpected behavior.
  • Loading branch information...
commit 719e05da06d68cb8c767f6f27cec3d069d10ab7a 1 parent d1a7475
@sikachu sikachu authored
Showing with 2 additions and 2 deletions.
  1. +2 −2 actionpack/lib/action_view/helpers/url_helper.rb
View
4 actionpack/lib/action_view/helpers/url_helper.rb
@@ -497,14 +497,14 @@ def mail_to(email_address, name = nil, html_options = {})
}.compact
extras = extras.empty? ? '' : '?' + ERB::Util.html_escape(extras.join('&'))
- email_address_obfuscated = email_address.dup
+ email_address_obfuscated = email_address.to_str
email_address_obfuscated.gsub!(/@/, html_options.delete("replace_at")) if html_options.key?("replace_at")
email_address_obfuscated.gsub!(/\./, html_options.delete("replace_dot")) if html_options.key?("replace_dot")
case encode
when "javascript"
string = ''
html = content_tag("a", name || email_address_obfuscated.html_safe, html_options.merge("href" => "mailto:#{email_address}#{extras}".html_safe))
- html = escape_javascript(html)
+ html = escape_javascript(html.to_str)
"document.write('#{html}');".each_byte do |c|
string << sprintf("%%%x", c)
end
Please sign in to comment.
Something went wrong with that request. Please try again.