Override <%== to always behave as literal text rather than toggling b…

…ased on whether escaping is enabled. Fixes that existing plaintext email templates using <%== unexpectedly flipped to *escaping* HTML when #8235 was merged. Conflicts: actionpack/test/template/template_test.rb
rails · Dec 3, 2012 · 9d6e502 · 9d6e502
1 parent 19599c2
commit 9d6e502
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 4 deletions.
diff --git a/actionpack/lib/action_view/template/handlers/erb.rb b/actionpack/lib/action_view/template/handlers/erb.rb
@@ -15,6 +15,17 @@ def add_text(src, text)
           src << "@output_buffer.safe_concat('" << escape_text(text) << "');"
         end
 
+        # Erubis toggles <%= and <%== behavior when escaping is enabled.
+        # We override to always treat <%== as escaped.
+        def add_expr(src, code, indicator)
+          case indicator
+          when '=='
+            add_expr_escaped(src, code)
+          else
+            super
+          end
+        end
+
         BLOCK_EXPR = /\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/
 
         def add_expr_literal(src, code)

diff --git a/actionpack/test/controller/new_base/render_template_test.rb b/actionpack/test/controller/new_base/render_template_test.rb
@@ -9,7 +9,8 @@ class WithoutLayoutController < ActionController::Base
       "locals.html.erb"            => "The secret is <%= secret %>",
       "xml_template.xml.builder"   => "xml.html do\n  xml.p 'Hello'\nend",
       "with_raw.html.erb"          => "Hello <%=raw '<strong>this is raw</strong>' %>",
-      "with_implicit_raw.html.erb" => "Hello <%== '<strong>this is also raw</strong>' %>",
+      "with_implicit_raw.html.erb" => "Hello <%== '<strong>this is also raw</strong>' %> in a html template",
+      "with_implicit_raw.text.erb" => "Hello <%== '<strong>this is also raw</strong>' %> in a text template",
       "test/with_json.html.erb"    => "<%= render :template => 'test/with_json', :formats => [:json] %>",
       "test/with_json.json.erb"    => "<%= render :template => 'test/final', :formats => [:json]  %>",
       "test/final.json.erb"        => "{ final: json }",
@@ -113,7 +114,12 @@ class TestWithoutLayout < Rack::TestCase
 
       get :with_implicit_raw
 
-      assert_body "Hello <strong>this is also raw</strong>"
+      assert_body "Hello <strong>this is also raw</strong> in a html template"
+      assert_status 200
+
+      get :with_implicit_raw, format: 'text'
+
+      assert_body "Hello <strong>this is also raw</strong> in a text template"
       assert_status 200
     end
 

diff --git a/actionpack/test/template/template_test.rb b/actionpack/test/template/template_test.rb
@@ -74,8 +74,8 @@ def test_basic_template_does_html_escape
   end
 
   def test_text_template_does_not_html_escape
-    @template = new_template("<%= apostrophe %>", :format => :text)
-    assert_equal "l'apostrophe", render
+    @template = new_template("<%= apostrophe %> <%== apostrophe %>", :format => :text)
+    assert_equal "l'apostrophe l'apostrophe", render
   end
 
   def test_template_loses_its_source_after_rendering