a5e08f7bcc
I installed the rails_xss plugin, for the main purpose of seeing what will break with Rails 3.0 (where the behaviour of the plugin is the default). I think I've fixed everything, but let me know if you see stuff that is HTML-escaped, which shouldn't be. As a side benefit, we now use Erubis, rather than ERB, to render templates. They tell me it's faster ...
127 lines
2.7 KiB
HTML
127 lines
2.7 KiB
HTML
<?xml version="1.0" encoding="iso-8859-1"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
|
|
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
|
<head>
|
|
<title>Class: Erubis::EscapedEruby</title>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
|
|
<meta http-equiv="Content-Script-Type" content="text/javascript" />
|
|
<link rel="stylesheet" href="../.././rdoc-style.css" type="text/css" media="screen" />
|
|
<script type="text/javascript">
|
|
// <![CDATA[
|
|
|
|
function popupCode( url ) {
|
|
window.open(url, "Code", "resizable=yes,scrollbars=yes,toolbar=no,status=no,height=150,width=400")
|
|
}
|
|
|
|
function toggleCode( id ) {
|
|
if ( document.getElementById )
|
|
elem = document.getElementById( id );
|
|
else if ( document.all )
|
|
elem = eval( "document.all." + id );
|
|
else
|
|
return false;
|
|
|
|
elemStyle = elem.style;
|
|
|
|
if ( elemStyle.display != "block" ) {
|
|
elemStyle.display = "block"
|
|
} else {
|
|
elemStyle.display = "none"
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
// Make codeblocks hidden by default
|
|
document.writeln( "<style type=\"text/css\">div.method-source-code { display: none }</style>" )
|
|
|
|
// ]]>
|
|
</script>
|
|
|
|
</head>
|
|
<body>
|
|
|
|
|
|
|
|
<div id="classHeader">
|
|
<table class="header-table">
|
|
<tr class="top-aligned-row">
|
|
<td><strong>Class</strong></td>
|
|
<td class="class-name-in-header">Erubis::EscapedEruby</td>
|
|
</tr>
|
|
<tr class="top-aligned-row">
|
|
<td><strong>In:</strong></td>
|
|
<td>
|
|
<a href="../../files/erubis/engine/eruby_rb.html">
|
|
erubis/engine/eruby.rb
|
|
</a>
|
|
<br />
|
|
</td>
|
|
</tr>
|
|
|
|
<tr class="top-aligned-row">
|
|
<td><strong>Parent:</strong></td>
|
|
<td>
|
|
<a href="Eruby.html">
|
|
Eruby
|
|
</a>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</div>
|
|
<!-- banner header -->
|
|
|
|
<div id="bodyContent">
|
|
|
|
|
|
|
|
<div id="contextContent">
|
|
|
|
<div id="description">
|
|
<p>
|
|
swtich ’<%= %>’ to escaped and ’<%==
|
|
%>’ to not escaped
|
|
</p>
|
|
|
|
</div>
|
|
|
|
|
|
</div>
|
|
|
|
|
|
</div>
|
|
|
|
|
|
<!-- if includes -->
|
|
<div id="includes">
|
|
<h3 class="section-bar">Included Modules</h3>
|
|
|
|
<div id="includes-list">
|
|
<span class="include-name"><a href="EscapeEnhancer.html">EscapeEnhancer</a></span>
|
|
</div>
|
|
</div>
|
|
|
|
<div id="section">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<!-- if method_list -->
|
|
|
|
|
|
</div>
|
|
|
|
|
|
<div id="validator-badges">
|
|
<p><small><a href="http://validator.w3.org/check/referer">[Validate]</a></small></p>
|
|
</div>
|
|
|
|
</body>
|
|
</html> |