Class: Brakeman::SlimTemplateProcessor
- Inherits:
-
TemplateProcessor
- Object
- SexpProcessor
- BaseProcessor
- TemplateProcessor
- Brakeman::SlimTemplateProcessor
- Includes:
- RenderHelper
- Defined in:
- lib/brakeman/processors/slim_template_processor.rb
Constant Summary collapse
- SAFE_BUFFER =
s(:call, s(:colon2, s(:const, :ActiveSupport), :SafeBuffer), :new)
- OUTPUT_BUFFER =
s(:ivar, :@output_buffer)
- TEMPLE_UTILS =
s(:colon2, s(:colon3, :Temple), :Utils)
Constants inherited from BaseProcessor
Constants included from Util
Util::ALL_PARAMETERS, Util::COOKIES, Util::COOKIES_SEXP, Util::PARAMETERS, Util::PARAMS_SEXP, Util::PATH_PARAMETERS, Util::QUERY_PARAMETERS, Util::REQUEST_ENV, Util::REQUEST_PARAMETERS, Util::REQUEST_PARAMS, Util::SESSION, Util::SESSION_SEXP
Constants inherited from SexpProcessor
Brakeman::SexpProcessor::VERSION
Instance Attribute Summary
Attributes inherited from SexpProcessor
Instance Method Summary collapse
- #is_escaped?(exp) ⇒ Boolean
- #make_escaped_output(exp) ⇒ Object
- #make_output(exp) ⇒ Object
- #process_call(exp) ⇒ Object
-
#process_inside_interp(exp) ⇒ Object
Slim likes to interpolate output into strings then pass them to safe_concat.
- #process_interp_output(exp) ⇒ Object
- #process_render(exp) ⇒ Object
- #render?(exp) ⇒ Boolean
Methods included from RenderHelper
#get_class_target, #get_options, #process_action, #process_layout, #process_partial, #process_template, #template_name
Methods inherited from TemplateProcessor
#initialize, #process, #process_escaped_output, #process_lasgn, #process_output
Methods inherited from BaseProcessor
#find_render_type, #ignore, #initialize, #make_render, #make_render_in_view, #process_arglist, #process_attrasgn, #process_block, #process_default, #process_dstr, #process_evstr, #process_hash, #process_if, #process_ignore, #process_iter, #process_lasgn, #process_scope
Methods included from Util
#array?, #block?, #call?, #camelize, #contains_class?, #context_for, #cookies?, #false?, #file_by_name, #file_for, #github_url, #hash?, #hash_access, #hash_insert, #hash_iterate, #integer?, #make_call, #node_type?, #number?, #params?, #pluralize, #regexp?, #relative_path, #request_env?, #request_value?, #result?, #set_env_defaults, #sexp?, #string?, #symbol?, #table_to_csv, #template_path_to_name, #true?, #truncate_table, #underscore
Methods included from ProcessorHelper
#class_name, #process_all, #process_all!, #process_call_args, #process_class, #process_module
Methods inherited from SexpProcessor
#error_handler, #in_context, #initialize, #process, #process_dummy, #scope
Constructor Details
This class inherits a constructor from Brakeman::TemplateProcessor
Instance Method Details
#is_escaped?(exp) ⇒ Boolean
96 97 98 99 100 |
# File 'lib/brakeman/processors/slim_template_processor.rb', line 96 def is_escaped? exp call? exp and exp.target == TEMPLE_UTILS and (exp.method == :escape_html or exp.method == :escape_html_safe) end |
#make_escaped_output(exp) ⇒ Object
55 56 57 58 59 60 |
# File 'lib/brakeman/processors/slim_template_processor.rb', line 55 def make_escaped_output exp s = Sexp.new :escaped_output, exp.first_arg s.line(exp.line) @current_template[:outputs] << s s end |
#make_output(exp) ⇒ Object
48 49 50 51 52 53 |
# File 'lib/brakeman/processors/slim_template_processor.rb', line 48 def make_output exp s = Sexp.new :output, exp s.line(exp.line) @current_template[:outputs] << s s end |
#process_call(exp) ⇒ Object
11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 |
# File 'lib/brakeman/processors/slim_template_processor.rb', line 11 def process_call exp target = exp.target method = exp.method if method == :safe_concat and (target == SAFE_BUFFER or target == OUTPUT_BUFFER) arg = exp.first_arg if call? arg and arg.method == :to_s arg = arg.target end if is_escaped? arg make_escaped_output arg elsif string? arg ignore elsif render? arg make_output make_render_in_view arg elsif node_type? arg, :interp, :dstr process_inside_interp arg elsif node_type? arg, :ignore ignore else make_output arg end elsif is_escaped? exp make_escaped_output exp.first_arg elsif target == nil and method == :render exp.arglist = process exp.arglist make_render_in_view exp else call = make_call target, method, process_all!(exp.args) call.original_line = exp.original_line call.line(exp.line) call end end |
#process_inside_interp(exp) ⇒ Object
Slim likes to interpolate output into strings then pass them to safe_concat. Better to pull those values out directly.
64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'lib/brakeman/processors/slim_template_processor.rb', line 64 def process_inside_interp exp exp.map! do |e| if node_type? e, :evstr, :string_eval e.value = process_interp_output e.value e else e end end exp end |
#process_interp_output(exp) ⇒ Object
77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 |
# File 'lib/brakeman/processors/slim_template_processor.rb', line 77 def process_interp_output exp if sexp? exp if node_type? exp, :if process_interp_output exp.then_clause process_interp_output exp.else_clause elsif exp == SAFE_BUFFER ignore elsif render? exp make_output make_render_in_view exp elsif node_type? :output, :escaped_output exp elsif is_escaped? exp make_escaped_output exp else make_output exp end end end |
#process_render(exp) ⇒ Object
108 109 110 111 112 |
# File 'lib/brakeman/processors/slim_template_processor.rb', line 108 def process_render exp #Still confused as to why this is not needed in other template processors #but is needed here exp end |
#render?(exp) ⇒ Boolean
102 103 104 105 106 |
# File 'lib/brakeman/processors/slim_template_processor.rb', line 102 def render? exp call? exp and exp.target.nil? and exp.method == :render end |