Module: Inversion::Escaping
- Included in:
- Template::EscapeTag, Template::PpTag, Template::UriencodeTag
- Defined in:
- lib/inversion/mixins.rb
Overview
A mixin that adds configurable escaping to a tag class.
class MyTag < Inversion::Template::Tag
include Inversion::Escaping
def render( renderstate )
val = self.get_rendered_value
return self.escape( val.to_s, renderstate )
end
end
To add a new kind of escaping to Inversion, add a #escape_<formatname> method to this module similar to #escape_html.
Constant Summary collapse
- DEFAULT_ESCAPE_FORMAT =
The fallback escape format
:none- URI_ENCODED_CHARACTERS =
Unreserved characters from section 2.3 of RFC 3986 ALPHA / DIGIT / “-” / “.” / “_” / “~”
/[^\w\-\.~]/
Class Method Summary collapse
-
.included(mod) ⇒ Object
Inclusion callback; add Loggability if it isn’t already present.
Instance Method Summary collapse
-
#escape(output, render_state) ⇒ Object
Escape the ‘output` using the format specified by the given `render_state`’s config.
-
#escape_html(output) ⇒ Object
Escape the given ‘output` using HTML entity-encoding.
-
#escape_uri(output) ⇒ Object
Escape the given ‘output` using the encoding specified in RFC3986 (URIs).
Class Method Details
.included(mod) ⇒ Object
Inclusion callback; add Loggability if it isn’t already present
138 139 140 141 142 143 144 |
# File 'lib/inversion/mixins.rb', line 138 def self::included( mod ) super unless mod < Loggability mod.extend( Loggability ) mod.log_to( :inversion ) end end |
Instance Method Details
#escape(output, render_state) ⇒ Object
Escape the ‘output` using the format specified by the given `render_state`’s config.
148 149 150 151 152 153 154 155 156 157 158 159 |
# File 'lib/inversion/mixins.rb', line 148 def escape( output, render_state ) format = render_state.[:escape_format] || DEFAULT_ESCAPE_FORMAT return output if format == :none unless self.respond_to?( "escape_#{format}" ) self.log.error "Format %p not supported. To add support, define a #escape_%s to %s" % [ format, format, __FILE__ ] raise Inversion::OptionsError, "No such escape format %p" % [ format ] end return self.__send__( "escape_#{format}", output ) end |
#escape_html(output) ⇒ Object
Escape the given ‘output` using HTML entity-encoding.
163 164 165 166 167 168 |
# File 'lib/inversion/mixins.rb', line 163 def escape_html( output ) return output.to_s. gsub( /&/, '&' ). gsub( /</, '<' ). gsub( />/, '>' ) end |
#escape_uri(output) ⇒ Object
Escape the given ‘output` using the encoding specified in RFC3986 (URIs)
172 173 174 175 176 177 178 179 |
# File 'lib/inversion/mixins.rb', line 172 def escape_uri( output ) return output.to_s.gsub( URI_ENCODED_CHARACTERS ) do |m| bytes = m[ 0 ].each_byte bytes.inject( String.new ) do |buf, char| buf + sprintf( '%%%0X', char ) end end.force_encoding( Encoding::US_ASCII ) end |