deac/instiki
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
instiki/vendor/plugins/erubis-2.6.5/doc-api/classes/Erubis/InterpolationEnhancer.html
Jacques Distler a5e08f7bcc Rails_xss Plugin 
I installed the rails_xss plugin, for
the main purpose of seeing what will
break with Rails 3.0 (where the behaviour
of the plugin is the default). I think
I've fixed everything, but let me know if you
see stuff that is HTML-escaped, which
shouldn't be.

As a side benefit, we now use Erubis,
rather than ERB, to render templates.
They tell me it's faster ...
2010-05-26 00:27:49 -05:00

306 lines
No EOL
19 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Module: Erubis::InterpolationEnhancer</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<link rel="stylesheet" href="../.././rdoc-style.css" type="text/css" media="screen" />
<script type="text/javascript">
// <![CDATA[
function popupCode( url ) {
window.open(url, "Code", "resizable=yes,scrollbars=yes,toolbar=no,status=no,height=150,width=400")
}
function toggleCode( id ) {
if ( document.getElementById )
elem = document.getElementById( id );
else if ( document.all )
elem = eval( "document.all." + id );
else
return false;
elemStyle = elem.style;
if ( elemStyle.display != "block" ) {
elemStyle.display = "block"
} else {
elemStyle.display = "none"
}
return true;
}
// Make codeblocks hidden by default
document.writeln( "<style type=\"text/css\">div.method-source-code { display: none }</style>" )
// ]]>
</script>
</head>
<body>
<div id="classHeader">
<table class="header-table">
<tr class="top-aligned-row">
<td><strong>Module</strong></td>
<td class="class-name-in-header">Erubis::InterpolationEnhancer</td>
</tr>
<tr class="top-aligned-row">
<td><strong>In:</strong></td>
<td>
<a href="../../files/erubis/enhancer_rb.html">
erubis/enhancer.rb
</a>
<br />
</td>
</tr>
</table>
</div>
<!-- banner header -->
<div id="bodyContent">
<div id="contextContent">
<div id="description">
<p>
convert &quot;&lt;h1&gt;&lt;%=title%&gt;&lt;/h1&gt;&quot; into &quot;_buf
&lt;&lt; %Q`&lt;h1&gt;#{title}&lt;/h1&gt;`&quot;
</p>
<p>
this is only for <a href="Eruby.html">Eruby</a>.
</p>
</div>
</div>
<div id="method-list">
<h3 class="section-bar">Methods</h3>
<div class="name-list">
<a href="#M000200">_add_text_to_str</a>&nbsp;&nbsp;
<a href="#M000201">add_expr_escaped</a>&nbsp;&nbsp;
<a href="#M000202">add_expr_literal</a>&nbsp;&nbsp;
<a href="#M000199">add_text</a>&nbsp;&nbsp;
<a href="#M000198">convert_input</a>&nbsp;&nbsp;
</div>
</div>
</div>
<!-- if includes -->
<div id="section">
<!-- if method_list -->
<div id="methods">
<h3 class="section-bar">Public Instance methods</h3>
<div id="method-M000200" class="method-detail">
<a name="M000200"></a>
<div class="method-heading">
<a href="#M000200" class="method-signature">
<span class="method-name">_add_text_to_str</span><span class="method-args">(str, text)</span>
</a>
</div>
<div class="method-description">
<p><a class="source-toggle" href="#"
onclick="toggleCode('M000200-source');return false;">[Source]</a></p>
<div class="method-source-code" id="M000200-source">
<pre>
<span class="ruby-comment cmt"># File erubis/enhancer.rb, line 663</span>
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">_add_text_to_str</span>(<span class="ruby-identifier">str</span>, <span class="ruby-identifier">text</span>)
<span class="ruby-keyword kw">return</span> <span class="ruby-keyword kw">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">text</span> <span class="ruby-operator">||</span> <span class="ruby-identifier">text</span>.<span class="ruby-identifier">empty?</span>
<span class="ruby-identifier">text</span>.<span class="ruby-identifier">gsub!</span>(<span class="ruby-regexp re">/['\#\\]/</span>, <span class="ruby-value str">'\\\\\&amp;'</span>)
<span class="ruby-identifier">str</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">text</span>
<span class="ruby-keyword kw">end</span>
</pre>
</div>
</div>
</div>
<div id="method-M000201" class="method-detail">
<a name="M000201"></a>
<div class="method-heading">
<a href="#M000201" class="method-signature">
<span class="method-name">add_expr_escaped</span><span class="method-args">(str, code)</span>
</a>
</div>
<div class="method-description">
<p><a class="source-toggle" href="#"
onclick="toggleCode('M000201-source');return false;">[Source]</a></p>
<div class="method-source-code" id="M000201-source">
<pre>
<span class="ruby-comment cmt"># File erubis/enhancer.rb, line 669</span>
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">add_expr_escaped</span>(<span class="ruby-identifier">str</span>, <span class="ruby-identifier">code</span>)
<span class="ruby-identifier">str</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-node">&quot;\#{#{escaped_expr(code)}}&quot;</span>
<span class="ruby-keyword kw">end</span>
</pre>
</div>
</div>
</div>
<div id="method-M000202" class="method-detail">
<a name="M000202"></a>
<div class="method-heading">
<a href="#M000202" class="method-signature">
<span class="method-name">add_expr_literal</span><span class="method-args">(str, code)</span>
</a>
</div>
<div class="method-description">
<p><a class="source-toggle" href="#"
onclick="toggleCode('M000202-source');return false;">[Source]</a></p>
<div class="method-source-code" id="M000202-source">
<pre>
<span class="ruby-comment cmt"># File erubis/enhancer.rb, line 673</span>
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">add_expr_literal</span>(<span class="ruby-identifier">str</span>, <span class="ruby-identifier">code</span>)
<span class="ruby-identifier">str</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-node">&quot;\#{#{code}}&quot;</span>
<span class="ruby-keyword kw">end</span>
</pre>
</div>
</div>
</div>
<div id="method-M000199" class="method-detail">
<a name="M000199"></a>
<div class="method-heading">
<a href="#M000199" class="method-signature">
<span class="method-name">add_text</span><span class="method-args">(src, text)</span>
</a>
</div>
<div class="method-description">
<p><a class="source-toggle" href="#"
onclick="toggleCode('M000199-source');return false;">[Source]</a></p>
<div class="method-source-code" id="M000199-source">
<pre>
<span class="ruby-comment cmt"># File erubis/enhancer.rb, line 652</span>
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">add_text</span>(<span class="ruby-identifier">src</span>, <span class="ruby-identifier">text</span>)
<span class="ruby-keyword kw">return</span> <span class="ruby-keyword kw">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">text</span> <span class="ruby-operator">||</span> <span class="ruby-identifier">text</span>.<span class="ruby-identifier">empty?</span>
<span class="ruby-comment cmt">#src &lt;&lt; &quot; _buf &lt;&lt; %Q`&quot; &lt;&lt; text &lt;&lt; &quot;`;&quot;</span>
<span class="ruby-keyword kw">if</span> <span class="ruby-identifier">text</span>[<span class="ruby-value">-1</span>] <span class="ruby-operator">==</span> <span class="ruby-value">?\n</span>
<span class="ruby-identifier">text</span>[<span class="ruby-value">-1</span>] = <span class="ruby-value str">&quot;\\n&quot;</span>
<span class="ruby-identifier">src</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-value str">&quot; _buf &lt;&lt; %Q`&quot;</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">text</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-value str">&quot;`\n&quot;</span>
<span class="ruby-keyword kw">else</span>
<span class="ruby-identifier">src</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-value str">&quot; _buf &lt;&lt; %Q`&quot;</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">text</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-value str">&quot;`;&quot;</span>
<span class="ruby-keyword kw">end</span>
<span class="ruby-keyword kw">end</span>
</pre>
</div>
</div>
</div>
<div id="method-M000198" class="method-detail">
<a name="M000198"></a>
<div class="method-heading">
<a href="#M000198" class="method-signature">
<span class="method-name">convert_input</span><span class="method-args">(src, input)</span>
</a>
</div>
<div class="method-description">
<p><a class="source-toggle" href="#"
onclick="toggleCode('M000198-source');return false;">[Source]</a></p>
<div class="method-source-code" id="M000198-source">
<pre>
<span class="ruby-comment cmt"># File erubis/enhancer.rb, line 597</span>
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">convert_input</span>(<span class="ruby-identifier">src</span>, <span class="ruby-identifier">input</span>)
<span class="ruby-identifier">pat</span> = <span class="ruby-ivar">@pattern</span>
<span class="ruby-identifier">regexp</span> = <span class="ruby-identifier">pat</span>.<span class="ruby-identifier">nil?</span> <span class="ruby-operator">||</span> <span class="ruby-identifier">pat</span> <span class="ruby-operator">==</span> <span class="ruby-value str">'&lt;% %&gt;'</span> <span class="ruby-operator">?</span> <span class="ruby-constant">Basic</span><span class="ruby-operator">::</span><span class="ruby-constant">Converter</span><span class="ruby-operator">::</span><span class="ruby-constant">DEFAULT_REGEXP</span> <span class="ruby-operator">:</span> <span class="ruby-identifier">pattern_regexp</span>(<span class="ruby-identifier">pat</span>)
<span class="ruby-identifier">pos</span> = <span class="ruby-value">0</span>
<span class="ruby-identifier">is_bol</span> = <span class="ruby-keyword kw">true</span> <span class="ruby-comment cmt"># is beginning of line</span>
<span class="ruby-identifier">str</span> = <span class="ruby-value str">''</span>
<span class="ruby-identifier">input</span>.<span class="ruby-identifier">scan</span>(<span class="ruby-identifier">regexp</span>) <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">indicator</span>, <span class="ruby-identifier">code</span>, <span class="ruby-identifier">tailch</span>, <span class="ruby-identifier">rspace</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">match</span> = <span class="ruby-constant">Regexp</span>.<span class="ruby-identifier">last_match</span>()
<span class="ruby-identifier">len</span> = <span class="ruby-identifier">match</span>.<span class="ruby-identifier">begin</span>(<span class="ruby-value">0</span>) <span class="ruby-operator">-</span> <span class="ruby-identifier">pos</span>
<span class="ruby-identifier">text</span> = <span class="ruby-identifier">input</span>[<span class="ruby-identifier">pos</span>, <span class="ruby-identifier">len</span>]
<span class="ruby-identifier">pos</span> = <span class="ruby-identifier">match</span>.<span class="ruby-identifier">end</span>(<span class="ruby-value">0</span>)
<span class="ruby-identifier">ch</span> = <span class="ruby-identifier">indicator</span> <span class="ruby-value">? </span><span class="ruby-identifier">indicator</span>[<span class="ruby-value">0</span>] <span class="ruby-operator">:</span> <span class="ruby-keyword kw">nil</span>
<span class="ruby-identifier">lspace</span> = <span class="ruby-identifier">ch</span> <span class="ruby-operator">==</span> <span class="ruby-value">?=</span> <span class="ruby-operator">?</span> <span class="ruby-keyword kw">nil</span> <span class="ruby-operator">:</span> <span class="ruby-identifier">detect_spaces_at_bol</span>(<span class="ruby-identifier">text</span>, <span class="ruby-identifier">is_bol</span>)
<span class="ruby-identifier">is_bol</span> = <span class="ruby-identifier">rspace</span> <span class="ruby-value">? </span><span class="ruby-keyword kw">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword kw">false</span>
<span class="ruby-identifier">_add_text_to_str</span>(<span class="ruby-identifier">str</span>, <span class="ruby-identifier">text</span>)
<span class="ruby-comment cmt">## * when '&lt;%= %&gt;', do nothing</span>
<span class="ruby-comment cmt">## * when '&lt;% %&gt;' or '&lt;%# %&gt;', delete spaces iff only spaces are around '&lt;% %&gt;'</span>
<span class="ruby-keyword kw">if</span> <span class="ruby-identifier">ch</span> <span class="ruby-operator">==</span> <span class="ruby-value">?=</span> <span class="ruby-comment cmt"># &lt;%= %&gt;</span>
<span class="ruby-identifier">rspace</span> = <span class="ruby-keyword kw">nil</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">tailch</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-operator">!</span><span class="ruby-identifier">tailch</span>.<span class="ruby-identifier">empty?</span>
<span class="ruby-identifier">str</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">lspace</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">lspace</span>
<span class="ruby-identifier">add_expr</span>(<span class="ruby-identifier">str</span>, <span class="ruby-identifier">code</span>, <span class="ruby-identifier">indicator</span>)
<span class="ruby-identifier">str</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">rspace</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">rspace</span>
<span class="ruby-keyword kw">elsif</span> <span class="ruby-identifier">ch</span> <span class="ruby-operator">==</span> <span class="ruby-value">?\#</span> <span class="ruby-comment cmt"># &lt;%# %&gt;</span>
<span class="ruby-identifier">n</span> = <span class="ruby-identifier">code</span>.<span class="ruby-identifier">count</span>(<span class="ruby-value str">&quot;\n&quot;</span>) <span class="ruby-operator">+</span> (<span class="ruby-identifier">rspace</span> <span class="ruby-value">? </span><span class="ruby-value">1</span> <span class="ruby-operator">:</span> <span class="ruby-value">0</span>)
<span class="ruby-keyword kw">if</span> <span class="ruby-ivar">@trim</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">lspace</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">rspace</span>
<span class="ruby-identifier">add_text</span>(<span class="ruby-identifier">src</span>, <span class="ruby-identifier">str</span>)
<span class="ruby-identifier">str</span> = <span class="ruby-value str">''</span>
<span class="ruby-identifier">add_stmt</span>(<span class="ruby-identifier">src</span>, <span class="ruby-value str">&quot;\n&quot;</span> <span class="ruby-operator">*</span> <span class="ruby-identifier">n</span>)
<span class="ruby-keyword kw">else</span>
<span class="ruby-identifier">str</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">lspace</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">lspace</span>
<span class="ruby-identifier">add_text</span>(<span class="ruby-identifier">src</span>, <span class="ruby-identifier">str</span>)
<span class="ruby-identifier">str</span> = <span class="ruby-value str">''</span>
<span class="ruby-identifier">add_stmt</span>(<span class="ruby-identifier">src</span>, <span class="ruby-value str">&quot;\n&quot;</span> <span class="ruby-operator">*</span> <span class="ruby-identifier">n</span>)
<span class="ruby-identifier">str</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">rspace</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">rspace</span>
<span class="ruby-keyword kw">end</span>
<span class="ruby-keyword kw">else</span> <span class="ruby-comment cmt"># &lt;% %&gt;</span>
<span class="ruby-keyword kw">if</span> <span class="ruby-ivar">@trim</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">lspace</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">rspace</span>
<span class="ruby-identifier">add_text</span>(<span class="ruby-identifier">src</span>, <span class="ruby-identifier">str</span>)
<span class="ruby-identifier">str</span> = <span class="ruby-value str">''</span>
<span class="ruby-identifier">add_stmt</span>(<span class="ruby-identifier">src</span>, <span class="ruby-node">&quot;#{lspace}#{code}#{rspace}&quot;</span>)
<span class="ruby-keyword kw">else</span>
<span class="ruby-identifier">str</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">lspace</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">lspace</span>
<span class="ruby-identifier">add_text</span>(<span class="ruby-identifier">src</span>, <span class="ruby-identifier">str</span>)
<span class="ruby-identifier">str</span> = <span class="ruby-value str">''</span>
<span class="ruby-identifier">add_stmt</span>(<span class="ruby-identifier">src</span>, <span class="ruby-identifier">code</span>)
<span class="ruby-identifier">str</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">rspace</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">rspace</span>
<span class="ruby-keyword kw">end</span>
<span class="ruby-keyword kw">end</span>
<span class="ruby-keyword kw">end</span>
<span class="ruby-comment cmt">#rest = $' || input # ruby1.8</span>
<span class="ruby-identifier">rest</span> = <span class="ruby-identifier">pos</span> <span class="ruby-operator">==</span> <span class="ruby-value">0</span> <span class="ruby-operator">?</span> <span class="ruby-identifier">input</span> <span class="ruby-operator">:</span> <span class="ruby-identifier">input</span>[<span class="ruby-identifier">pos</span><span class="ruby-operator">..</span><span class="ruby-value">-1</span>] <span class="ruby-comment cmt"># ruby1.9</span>
<span class="ruby-identifier">_add_text_to_str</span>(<span class="ruby-identifier">str</span>, <span class="ruby-identifier">rest</span>)
<span class="ruby-identifier">add_text</span>(<span class="ruby-identifier">src</span>, <span class="ruby-identifier">str</span>)
<span class="ruby-keyword kw">end</span>
</pre>
</div>
</div>
</div>
</div>
</div>
<div id="validator-badges">
<p><small><a href="http://validator.w3.org/check/referer">[Validate]</a></small></p>
</div>
</body>
</html>
Reference in a new issue View git blame Copy permalink