Inversion::

Escaping module

A mixin that adds configurable escaping to a tag class.

class MyTag < Inversion::Template::Tag
    include Inversion::Escaping

    def render( renderstate )
        val = self.get_rendered_value
        return self.escape( val.to_s, renderstate )
    end
end

To add a new kind of escaping to Inversion, add a escape_<formatname> method to this module similar to escape_html.

Constants

DEFAULT_ESCAPE_FORMAT

The fallback escape format

URI_ENCODED_CHARACTERS

Unreserved characters from section 2.3 of RFC 3986 ALPHA / DIGIT / “-” / “.” / “_” / “~”

Public Class Methods

included( mod )

Inclusion callback; add Loggability if it isn’t already present

# File lib/inversion/mixins.rb, line 137
def self::included( mod )
        super
        unless mod < Loggability
                mod.extend( Loggability )
                mod.log_to( :inversion )
        end
end

Public Instance Methods

escape( output, render_state )

Escape the ‘output` using the format specified by the given `render_state`’s config.

# File lib/inversion/mixins.rb, line 147
def escape( output, render_state )
        format = render_state.options[:escape_format] || DEFAULT_ESCAPE_FORMAT
        return output if format == :none

        unless self.respond_to?( "escape_#{format}" )
                self.log.error "Format %p not supported. To add support, define a #escape_%s to %s" %
                        [ format, format, __FILE__ ]
                raise Inversion::OptionsError, "No such escape format %p" % [ format ]
        end

        return self.__send__( "escape_#{format}", output )
end
escape_html( output )

Escape the given ‘output` using HTML entity-encoding.

# File lib/inversion/mixins.rb, line 162
def escape_html( output )
        return output.to_s.
                gsub( /&/, '&amp;' ).
                gsub( /</, '&lt;' ).
                gsub( />/, '&gt;' )
end
escape_uri( output )

Escape the given ‘output` using the encoding specified in RFC3986 (URIs)

# File lib/inversion/mixins.rb, line 171
def escape_uri( output )
        return output.to_s.gsub( URI_ENCODED_CHARACTERS ) do |m|
                bytes = m[ 0 ].each_byte
                bytes.inject( String.new ) do |buf, char|
                        buf + sprintf( '%%%0X', char )
                end
        end.force_encoding( Encoding::US_ASCII )
end