Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fix that captured content (e.g. with form_for or div_for) would be HT…

…ML-escaped even without the rails_xss plugin installed. Rails 2.3.7, we barely knew ya...
  • Loading branch information...
commit c66013e2c5dc77e9bfa06111fb8841b9b0e41ceb 1 parent f97da34
@jeremy jeremy authored
View
2  actionpack/lib/action_view/helpers/capture_helper.rb
@@ -124,7 +124,7 @@ def content_for(name, content = nil, &block)
# Use an alternate output buffer for the duration of the block.
# Defaults to a new empty string.
- def with_output_buffer(buf = ActiveSupport::SafeBuffer.new) #:nodoc:
+ def with_output_buffer(buf = '') #:nodoc:
self.output_buffer, old_buffer = buf, output_buffer
yield
output_buffer
View
2  actionpack/lib/action_view/test_case.rb
@@ -53,7 +53,7 @@ def initialize
setup :setup_with_controller
def setup_with_controller
@controller = TestController.new
- @output_buffer = ''.html_safe
+ @output_buffer = ''
@rendered = ''
self.class.send(:include_helper_modules!)
View
2  actionpack/test/controller/capture_test.rb
@@ -36,7 +36,7 @@ def setup
def test_simple_capture
get :capturing
- assert_equal "Dreamy days", @response.body.strip
+ assert_equal "<p>Dreamy days</p>", @response.body.strip
end
def test_content_for
View
4 actionpack/test/fixtures/test/capturing.erb
@@ -1,4 +1,4 @@
<% days = capture do %>
- Dreamy days
+ <p>Dreamy days</p>
<% end %>
-<%= days %>
+<%= days %>
Please sign in to comment.
Something went wrong with that request. Please try again.