instiki/vendor/plugins/erubis-2.6.5/lib/erubis/evaluator.rb
Jacques Distler a5e08f7bcc Rails_xss Plugin
I installed the rails_xss plugin, for
the main purpose of seeing what will
break with Rails 3.0 (where the behaviour
of the plugin is the default). I think
I've fixed everything, but let me know if you
see stuff that is HTML-escaped, which
shouldn't be.

As a side benefit, we now use Erubis,
rather than ERB, to render templates.
They tell me it's faster ...
2010-05-26 00:27:49 -05:00

89 lines
2.2 KiB
Ruby

##
## $Release: 2.6.5 $
## copyright(c) 2006-2009 kuwata-lab.com all rights reserved.
##
require 'erubis/error'
require 'erubis/context'
module Erubis
EMPTY_BINDING = binding()
##
## evaluate code
##
module Evaluator
def self.supported_properties # :nodoc:
return []
end
attr_accessor :src, :filename
def init_evaluator(properties)
@filename = properties[:filename]
end
def result(*args)
raise NotSupportedError.new("evaluation of code except Ruby is not supported.")
end
def evaluate(*args)
raise NotSupportedError.new("evaluation of code except Ruby is not supported.")
end
end
##
## evaluator for Ruby
##
module RubyEvaluator
include Evaluator
def self.supported_properties # :nodoc:
list = Evaluator.supported_properties
return list
end
## eval(@src) with binding object
def result(_binding_or_hash=TOPLEVEL_BINDING)
_arg = _binding_or_hash
if _arg.is_a?(Hash)
_b = binding()
eval _arg.collect{|k,v| "#{k} = _arg[#{k.inspect}]; "}.join, _b
elsif _arg.is_a?(Binding)
_b = _arg
elsif _arg.nil?
_b = binding()
else
raise ArgumentError.new("#{self.class.name}#result(): argument should be Binding or Hash but passed #{_arg.class.name} object.")
end
return eval(@src, _b, (@filename || '(erubis'))
end
## invoke context.instance_eval(@src)
def evaluate(_context=Context.new)
_context = Context.new(_context) if _context.is_a?(Hash)
#return _context.instance_eval(@src, @filename || '(erubis)')
#@_proc ||= eval("proc { #{@src} }", Erubis::EMPTY_BINDING, @filename || '(erubis)')
@_proc ||= eval("proc { #{@src} }", binding(), @filename || '(erubis)')
return _context.instance_eval(&@_proc)
end
## if object is an Class or Module then define instance method to it,
## else define singleton method to it.
def def_method(object, method_name, filename=nil)
m = object.is_a?(Module) ? :module_eval : :instance_eval
object.__send__(m, "def #{method_name}; #{@src}; end", filename || @filename || '(erubis)')
end
end
end