instiki/vendor/plugins/erubis-2.6.5/lib/erubis/engine/optimized.rb
Jacques Distler a5e08f7bcc Rails_xss Plugin
I installed the rails_xss plugin, for
the main purpose of seeing what will
break with Rails 3.0 (where the behaviour
of the plugin is the default). I think
I've fixed everything, but let me know if you
see stuff that is HTML-escaped, which
shouldn't be.

As a side benefit, we now use Erubis,
rather than ERB, to render templates.
They tell me it's faster ...
2010-05-26 00:27:49 -05:00

127 lines
2.6 KiB
Ruby

##
## $Release: 2.6.5 $
## copyright(c) 2006-2009 kuwata-lab.com all rights reserved.
##
require 'erubis/engine/eruby'
module Erubis
module OptimizedGenerator
include Generator
def self.supported_properties() # :nodoc:
return []
end
def init_generator(properties={})
super
@escapefunc ||= "Erubis::XmlHelper.escape_xml"
@initialized = false
@prev_is_expr = false
end
protected
def escape_text(text)
text.gsub(/['\\]/, '\\\\\&') # "'" => "\\'", '\\' => '\\\\'
end
def escaped_expr(code)
@escapefunc ||= 'Erubis::XmlHelper.escape_xml'
return "#{@escapefunc}(#{code})"
end
def switch_to_expr(src)
return if @prev_is_expr
@prev_is_expr = true
src << ' _buf'
end
def switch_to_stmt(src)
return unless @prev_is_expr
@prev_is_expr = false
src << ';'
end
def add_preamble(src)
#@initialized = false
#@prev_is_expr = false
end
def add_text(src, text)
return if text.empty?
if @initialized
switch_to_expr(src)
src << " << '" << escape_text(text) << "'"
else
src << "_buf = '" << escape_text(text) << "';"
@initialized = true
end
end
def add_stmt(src, code)
switch_to_stmt(src) if @initialized
#super
src << code
src << ';' unless code[-1] == ?\n
end
def add_expr_literal(src, code)
unless @initialized; src << "_buf = ''"; @initialized = true; end
switch_to_expr(src)
src << " << (" << code << ").to_s"
end
def add_expr_escaped(src, code)
unless @initialized; src << "_buf = ''"; @initialized = true; end
switch_to_expr(src)
src << " << " << escaped_expr(code)
end
def add_expr_debug(src, code)
code.strip!
s = (code.dump =~ /\A"(.*)"\z/) && $1
src << ' $stderr.puts("*** debug: ' << s << '=#{(' << code << ').inspect}");'
end
def add_postamble(src)
#super if @initialized
src << "\n_buf\n" if @initialized
end
end # end of class OptimizedEruby
##
## Eruby class which generates optimized ruby code
##
class OptimizedEruby < Basic::Engine # Eruby
include RubyEvaluator
include OptimizedGenerator
def init_converter(properties={})
@pi = 'rb'
super(properties)
end
end
##
## XmlEruby class which generates optimized ruby code
##
class OptimizedXmlEruby < OptimizedEruby
include EscapeEnhancer
def add_expr_debug(src, code)
switch_to_stmt(src) if indicator == '===' && !@initialized
super
end
end # end of class OptimizedXmlEruby
end