Class: Brakeman::Rails3Erubis
- Defined in:
- lib/brakeman/parsers/rails3_erubis.rb
Overview
This is from Rails 3 version of the Erubis handler
Constant Summary collapse
- BLOCK_EXPR =
/\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/
Instance Method Summary collapse
- #add_expr_escaped(src, code) ⇒ Object
- #add_expr_literal(src, code) ⇒ Object
-
#add_postamble(src) ⇒ Object
Add code to output buffer.
- #add_preamble(src) ⇒ Object
- #add_stmt(src, code) ⇒ Object
-
#add_text(src, text) ⇒ Object
This is different from Rails 3 - fixes some line number issues.
Instance Method Details
#add_expr_escaped(src, code) ⇒ Object
50 51 52 53 54 55 56 |
# File 'lib/brakeman/parsers/rails3_erubis.rb', line 50 def add_expr_escaped(src, code) if code =~ BLOCK_EXPR src << "@output_buffer.safe_append= " << code else src << "@output_buffer.safe_concat(" << code << ");" end end |
#add_expr_literal(src, code) ⇒ Object
34 35 36 37 38 39 40 |
# File 'lib/brakeman/parsers/rails3_erubis.rb', line 34 def add_expr_literal(src, code) if code =~ BLOCK_EXPR src << '@output_buffer.append= ' << code else src << '@output_buffer.append= (' << code << ');' end end |
#add_postamble(src) ⇒ Object
Add code to output buffer.
59 60 61 |
# File 'lib/brakeman/parsers/rails3_erubis.rb', line 59 def add_postamble(src) # src << '_buf.to_s' end |
#add_preamble(src) ⇒ Object
6 7 8 |
# File 'lib/brakeman/parsers/rails3_erubis.rb', line 6 def add_preamble(src) # src << "_buf = ActionView::SafeBuffer.new;\n" end |
#add_stmt(src, code) ⇒ Object
42 43 44 45 46 47 48 |
# File 'lib/brakeman/parsers/rails3_erubis.rb', line 42 def add_stmt(src, code) if code =~ BLOCK_EXPR src << '@output_buffer.append_if_string= ' << code else super end end |
#add_text(src, text) ⇒ Object
This is different from Rails 3 - fixes some line number issues
11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
# File 'lib/brakeman/parsers/rails3_erubis.rb', line 11 def add_text(src, text) if text == "\n" src << "\n" elsif text.include? "\n" lines = text.split("\n") if text.match(/\n\z/) lines.each do |line| src << "@output_buffer << ('" << escape_text(line) << "'.html_safe!);\n" end else lines[0..-2].each do |line| src << "@output_buffer << ('" << escape_text(line) << "'.html_safe!);\n" end src << "@output_buffer << ('" << escape_text(lines.last) << "'.html_safe!);" end else src << "@output_buffer << ('" << escape_text(text) << "'.html_safe!);" end end |