Permalink
Browse files

Add Html template handler that wraps Raw output in an OutputBuffer

This fixes the case when you try to render an html you know safe and the
file is named something.html. With this commit the content of the html
won't be escaped anymore because AV won't use Raw handler and choose
Html handler instead.
  • Loading branch information...
1 parent 3d90a63 commit 8a998b0fa7523c2c8eb6d0cf56e40408bf6e9b2e @spastorino spastorino committed Jan 5, 2016
@@ -2,13 +2,15 @@ module ActionView #:nodoc:
# = Action View Template Handlers
class Template
module Handlers #:nodoc:
+ autoload :Raw, 'action_view/template/handlers/raw'
autoload :ERB, 'action_view/template/handlers/erb'
+ autoload :Html, 'action_view/template/handlers/html'
autoload :Builder, 'action_view/template/handlers/builder'
- autoload :Raw, 'action_view/template/handlers/raw'
def self.extended(base)
base.register_default_template_handler :raw, Raw.new
base.register_template_handler :erb, ERB.new
+ base.register_template_handler :html, Html.new
base.register_template_handler :builder, Builder.new
base.register_template_handler :ruby, :source.to_proc
end
@@ -0,0 +1,9 @@
+module ActionView
+ module Template::Handlers
+ class Html < Raw
+ def call(template)
+ "ActionView::OutputBuffer.new #{super}"
+ end
+ end
+ end
+end
@@ -0,0 +1,2 @@
+<%= render :partial => 'test/partialhtml' %>
+<%= yield %>
@@ -0,0 +1 @@
+<h1>partial html</h1>
@@ -71,7 +71,7 @@ def test_render_template_with_a_missing_partial_of_another_format
e = assert_raise ActionView::Template::Error do
@view.render(:template => "with_format", :formats => [:json])
end
- assert_includes(e.message, "Missing partial /_missing with {:locale=>[:en], :formats=>[:json], :variants=>[], :handlers=>[:raw, :erb, :builder, :ruby]}.")
+ assert_includes(e.message, "Missing partial /_missing with {:locale=>[:en], :formats=>[:json], :variants=>[], :handlers=>[:raw, :erb, :html, :builder, :ruby]}.")
end
def test_render_file_with_locale
@@ -467,6 +467,11 @@ def test_render_with_layout_which_renders_another_partial
@view.render(:file => "test/hello_world", :layout => "layouts/yield_with_render_partial_inside")
end
+ def test_render_partial_with_html_only_extension
+ assert_equal %(<h1>partial html</h1>\nHello world!\n),
+ @view.render(:file => "test/hello_world", :layout => "layouts/render_partial_html")
+ end
+
def test_render_layout_with_block_and_yield
assert_equal %(Content from block!\n),
@view.render(:layout => "layouts/yield_only") { "Content from block!" }

0 comments on commit 8a998b0

Please sign in to comment.