Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

properly subsituting bad utf8 characters

  • Loading branch information...
commit b45dfc7278c19d0bbd4c36185edcc6f3b3ac6573 1 parent 3480d97
Aaron Patterson tenderlove authored
2  activesupport/lib/active_support/core_ext/string/output_safety.rb
View
@@ -20,7 +20,7 @@ def html_escape(s)
if s.html_safe?
s
else
- s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] }.html_safe
+ s.to_s.gsub(/&/, "&amp;").gsub(/\"/, "&quot;").gsub(/>/, "&gt;").gsub(/</, "&lt;").html_safe
end
end
7 activesupport/test/core_ext/string_ext_test.rb
View
@@ -7,10 +7,17 @@
require 'active_support/time'
require 'active_support/core_ext/kernel/reporting'
require 'active_support/core_ext/string/strip'
+require 'active_support/core_ext/string/output_safety'
class StringInflectionsTest < Test::Unit::TestCase
include InflectorTestCases
+ def test_erb_escape
+ string = [192, 60].pack('CC')
+ expected = 192.chr + "&lt;"
+ assert_equal expected, ERB::Util.html_escape(string)
+ end
+
def test_strip_heredoc_on_an_empty_string
assert_equal '', ''.strip_heredoc
end
Please sign in to comment.
Something went wrong with that request. Please try again.