Browse files

Fixed HTML::Tokenizer (used in sanitize helper) didnt handle unclosed…

… CDATA tags (closes #10071) [esad, packagethief]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9111 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
  • Loading branch information...
1 parent bdd8881 commit c57254d44930f43ccf300e8906bd46bd5aaf8ed3 @dhh dhh committed Mar 28, 2008
View
2 actionpack/CHANGELOG
@@ -1,5 +1,7 @@
*SVN*
+* Fixed HTML::Tokenizer (used in sanitize helper) didn't handle unclosed CDATA tags #10071 [esad, packagethief]
+
* Improve documentation. [Radar, Jan De Poorter, chuyeow, xaviershay, danger, miloops, Xavier Noria, Sunny Ripert]
* Fixed that FormHelper#radio_button would produce invalid ids #11298 [harlancrystal]
View
2 actionpack/lib/action_controller/vendor/html-scanner/html/tokenizer.rb
@@ -54,7 +54,7 @@ def scan_tag
tag << (@scanner.scan_until(/--\s*>/) || @scanner.scan_until(/\Z/))
elsif @scanner.scan(/!\[CDATA\[/)
tag << @scanner.matched
- tag << @scanner.scan_until(/\]\]>/)
+ tag << (@scanner.scan_until(/\]\]>/) || @scanner.scan_until(/\Z/))
elsif @scanner.scan(/!/) # doctype
tag << @scanner.matched
tag << consume_quoted_regions
View
7 actionpack/test/controller/html-scanner/tokenizer_test.rb
@@ -78,6 +78,13 @@ def test_cdata_tag
assert_end
end
+ def test_unterminated_cdata_tag
+ tokenize %{<content:encoded><![CDATA[ neverending...}
+ assert_next %{<content:encoded>}
+ assert_next %{<![CDATA[ neverending...}
+ assert_end
+ end
+
def test_less_than_with_space
tokenize %{original < hello > world}
assert_next %{original }

0 comments on commit c57254d

Please sign in to comment.