* The approach is to compile <% %> into a method call that checks whether the value returned from a block is a String. If it is, it concats to the buffer and prints a deprecation warning. * <%= %> uses exactly the same logic to compile the template, which first checks to see whether it's compiling a block. * This should have no impact on other uses of block in templates. For instance, in <% [1,2,3].each do |i| %><%= i %><% end %>, the call to each returns an Array, not a String, so the result is not concatenated * In two cases (#capture and #cache), a String can be returned that should *never* be concatenated. We have temporarily created a String subclass called NonConcattingString which behaves (and is serialized) identically to String, but is not concatenated by the code that handles deprecated <% %> block helpers. Once we remove support for <% %> block helpers, we can remove NonConcattingString.
[#4182 state:committed] Signed-off-by: Jeremy Kemper <email@example.com>
…pport::SafeBuffer Signed-off-by: Yehuda Katz <wycats@Yehuda-Katz.local>
This consists of: * String#html_safe! a method to mark a string as 'safe' * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it * Calls to String#html_safe! throughout the rails helpers * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB) * New ERB implementation based on erubis which uses a SafeBuffer instead of a String Hat tip to Django for the inspiration.
…ent [#1311 state:resolved] Signed-off-by: Pratik Naik <firstname.lastname@example.org>
…ning what the proc does in various cases.
…dy then start a new buffer. Useful for pushing custom parts to the response body without disrupting template rendering.
…f the update block
…plate variable visible in block binding.
… of the block
…tting the instance variable so others can override the methods.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7622 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
…ameter instead of just the block #9434 [sandofsky/wildchild] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7522 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7211 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
…html and .rxml extensions [Chad Fowler]. This is done to separate the renderer from the mime type. .erb templates are often used to render emails, atom, csv, whatever. So labeling them .rhtml doesn't make too much sense. The same goes for .rxml, which can be used to build everything from HTML to Atom to whatever. .rhtml and .rxml will continue to work until Rails 3.0, though. So this is a slow phasing out. All generators and examples will start using the new aliases, though. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6178 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
… to render templates. Defaults to _erbout; use _buf for erubis. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5544 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
…sh after assets (closes #6454) [BobSilva/chrismear] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5335 5ecf4fe2-1ee6-0310-87b1-e25e094e27de