Inversion::
Escaping module
A mixin that adds configurable escaping to a tag class.
class MyTag < Inversion::Template::Tag include Inversion::Escaping def render( renderstate ) val = self.get_rendered_value return self.escape( val.to_s, renderstate ) end end
To add a new kind of escaping to Inversion, add a escape_<formatname> method to this module similar to escape_html.
Constants
- DEFAULT_ESCAPE_FORMAT
The fallback escape format
- URI_ENCODED_CHARACTERS
Unreserved characters from section 2.3 of RFC 3986 ALPHA / DIGIT / “-” / “.” / “_” / “~”
Public Class Methods
Inclusion callback; add Loggability if it isn’t already present
# File lib/inversion/mixins.rb, line 137
def self::included( mod )
super
unless mod < Loggability
mod.extend( Loggability )
mod.log_to( :inversion )
end
endPublic Instance Methods
Escape the ‘output` using the format specified by the given `render_state`’s config.
# File lib/inversion/mixins.rb, line 147
def escape( output, render_state )
format = render_state.options[:escape_format] || DEFAULT_ESCAPE_FORMAT
return output if format == :none
unless self.respond_to?( "escape_#{format}" )
self.log.error "Format %p not supported. To add support, define a #escape_%s to %s" %
[ format, format, __FILE__ ]
raise Inversion::OptionsError, "No such escape format %p" % [ format ]
end
return self.__send__( "escape_#{format}", output )
endEscape the given ‘output` using HTML entity-encoding.
# File lib/inversion/mixins.rb, line 162
def escape_html( output )
return output.to_s.
gsub( /&/, '&' ).
gsub( /</, '<' ).
gsub( />/, '>' )
endEscape the given ‘output` using the encoding specified in RFC3986 (URIs)
# File lib/inversion/mixins.rb, line 171
def escape_uri( output )
return output.to_s.gsub( URI_ENCODED_CHARACTERS ) do |m|
bytes = m[ 0 ].each_byte
bytes.inject( String.new ) do |buf, char|
buf + sprintf( '%%%0X', char )
end
end.force_encoding( Encoding::US_ASCII )
end