add escape_filter_interpolations option #984

Merged
merged 1 commit into from Jan 22, 2019
2 changes: 1 addition & 1 deletion REFERENCE.md
Expand Up @@ -1121,7 +1121,7 @@ is compiled to
</div>

Note that `#{}` interpolation within filters is HTML-escaped if you specify
{Haml::Options#escape_html `:escape_html`} option.
{Haml::Options#escape_interpolated_html `:escape_interpolated_html`} option.

The functionality of some filters such as Markdown can be provided by many
different libraries. Usually you don't have to worry about this - you can just
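Review bot: The rewritten sentence in REFERENCE.md names only `:escape_interpolated_html`, yet the fallback added in lib/haml/filters.rb means `#{}` inside a filter is still escaped when only `:escape_html` is set. Suggest wording it so both cases are covered, for example: escaped if `:escape_html` is set, unless `:escape_interpolated_html` overrides it. Otherwise readers who rely on `:escape_html` alone may conclude that filter interpolation is unescaped.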
6 changes: 5 additions & 1 deletion lib/haml/filters.rb
Expand Up @@ -164,7 +164,11 @@ def compile(compiler, text)
if contains_interpolation?(text)
return if options[:suppress_eval]

text = unescape_interpolation(text, options[:escape_html]).gsub(/(\\+)n/) do |s|
escape = options[:escape_interpolated_html]
# `escape_interpolated_html` defaults to `escape_html` if unset.
escape = options[:escape_html] if escape.nil?

text = unescape_interpolation(text, escape).gsub(/(\\+)n/) do |s|
escapes = $1.size
next s if escapes % 2 == 0
"#{'\\' * (escapes - 1)}\n"
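Review bot: The `escape.nil?` fallback makes this a three-state option, and the explicit `false` state is the security-relevant one: with `escape_html: true` and `escape_interpolated_html: false`, `#{}` inside a filter is emitted unescaped. Suggest tests that pin all three states (nil inherits `escape_html`, explicit true, explicit false), so that a later simplification to `options[:escape_interpolated_html] || options[:escape_html]` cannot silently turn an explicit false into "inherit".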
9 changes: 8 additions & 1 deletion lib/haml/options.rb
Expand Up @@ -8,7 +8,7 @@ class Options
@valid_formats = [:html4, :html5, :xhtml]

@buffer_option_keys = [:autoclose, :preserve, :attr_wrapper, :format,
:encoding, :escape_html, :escape_attrs, :hyphenate_data_attrs, :cdata]
:encoding, :escape_html, :escape_interpolated_html, :escape_attrs, :hyphenate_data_attrs, :cdata]

# The default option values.
# @return Hash
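Review bot: `:escape_interpolated_html` is added to `@buffer_option_keys`, but the only reader of the option visible in this patch is the compile-time path in lib/haml/filters.rb. If the buffer never consults it, drop it from this list. If it does, a nil value reaching the buffer needs the same fallback to `escape_html` that filters.rb applies.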
Expand Down Expand Up @@ -85,6 +85,13 @@ def self.wrap(options)
# Defaults to false.
attr_accessor :escape_html

# Sets whether or not to escape HTML-sensitive characters in interpolated strings.
# See also {file:REFERENCE.md#escaping_html Escaping HTML} and
# {file:REFERENCE.md#unescaping_html Unescaping HTML}.
#
# Defaults to the current value of `escape_html`.
attr_accessor :escape_interpolated_html

# The name of the Haml file being parsed.
# This is only used as information when exceptions are raised. This is
# automatically assigned when working through ActionView, so it's really
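Review bot: The doc comment on `escape_interpolated_html` says it covers "interpolated strings" in general, but the only code in this patch that reads it is the filter compile path in lib/haml/filters.rb, and the pull request title calls the option `escape_filter_interpolations`. Suggest stating the scope (interpolation inside filters) in the comment, and noting that setting it to false while `escape_html` is true leaves filter interpolation unescaped, so untrusted values placed there must be escaped explicitly.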
1 change: 1 addition & 0 deletions lib/haml/temple_engine.rb
Expand Up @@ -13,6 +13,7 @@ class TempleEngine < Temple::Engine
encoding: nil,
escape_attrs: true,
escape_html: false,
escape_interpolated_html: nil,

To make sure it's a boolean flag, the default value should be false instead of nil.

@k0kubun k0kubun Mar 10, 2018

Ah, okay, I understood your intention. So probably you intend to mean the absence of this option here. Never mind.

filename: '(haml)',
format: :html5,
hyphenate_data_attrs: true,
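Review bot: `escape_interpolated_html: nil` sits directly under two boolean defaults with nothing to say that nil is meaningful here, and the inline thread shows it being read as a mistake for false. Suggest a trailing comment on this line such as `# nil: inherit escape_html`, matching the comment already present in lib/haml/filters.rb.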