Changeset 9241

Timestamp:

04/08/08 04:52:01 (8 months ago)

Author:

rick

Message:

add json_escape ERB util to escape html entities in json strings that are output in HTML pages. [rick]

Files:

• trunk/actionpack/CHANGELOG (modified) (1 diff)
• trunk/actionpack/lib/action_view/template_handlers/erb.rb (modified) (2 diffs)
• trunk/actionpack/test/template/erb_util_test.rb (modified) (1 diff)

trunk/actionpack/CHANGELOG

@@ -1 +1 @@
-*SVN*
+
+* add json_escape ERB util to escape html entities in json strings that are output in HTML pages. [rick]
-
-* Provide a helper proxy to access helper methods from outside views. Closes #10839 [Josh Peek]

trunk/actionpack/lib/action_view/template_handlers/erb.rb

@@ -3 +3 @@
-class ERB
-  module Util
-
+
+
-
-    # A utility method for escaping HTML tag characters.
@@ -17 +18 @@
-      s.to_s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] }
-    end
+
+    # A utility method for escaping HTML entities in JSON strings.
+    # This method is also aliased as <tt>j</tt>.
+    #
+    # In your ERb templates, use this method to escape any HTML entities:
+    #   <%=j @person.to_json %>
+    #
+    # ==== Example:
+    #   puts json_escape("is a > 0 & a < 10?")
+    #   # => is a \u003E 0 \u0026 a \u003C 10?
+    def json_escape(s)
+      s.to_s.gsub(/[&"><]/) { |special| JSON_ESCAPE[special] }
+    end
+
+    alias j json_escape
+    module_function :j
+    module_function :json_escape
-  end
-end

trunk/actionpack/test/template/erb_util_test.rb

@@ -3 +3 @@
-class ErbUtilTest < Test::Unit::TestCase
-  include ERB::Util
-  
-  def test_amp
-    assert_equal '&amp;', html_escape('&')
-  end
-  
-  def test_quot
-    assert_equal '&quot;', html_escape('"')
-  end
-
-
-
-
+
+
+
+
-
-
-
+
+
+
+
+
-  end
-