Module: Conjur::Escape::ClassMethods

Defined in:
lib/conjur/escape.rb

Instance Method Summary collapse

Instance Method Details

#fully_escape(str) ⇒ String

URL escape the entire string. This is essentially the same as calling CGI.escape str.

Examples:

fully_escape 'foo/bar@baz'
# => "foo%2Fbar%40baz"

Parameters:

  • str (String)

    the string to escape

Returns:

  • (String)

    the escaped string



36
37
38
39
 
# File 'lib/conjur/escape.rb', line 36

def fully_escape(str)
  require 'cgi'
  CGI.escape(str.to_s)
end

#path_escape(str) ⇒ String

Escape a URI path component.

This method simply calls #path_or_query_escape.

Parameters:

  • str (String)

    the string to escape

Returns:

  • (String)

    the escaped string

See Also:



48
49
50
 
# File 'lib/conjur/escape.rb', line 48

def path_escape(str)
  path_or_query_escape str
end

#path_or_query_escape(str) ⇒ String

Escape a path or query value.

This method is similar to URI.escape, but it has several important differences:

  • If a falsey value is given, the string "false" is returned.
  • If the value given responds to #id, the value returned by str.id is escaped instead.
  • The value is escaped without modifying ':' or '/'.

Parameters:

  • str (String, FalseClass, NilClass, #id)

    the value to escape

Returns:

  • (String)

    the value escaped as described



72
73
74
75
76
77
78
79
 
# File 'lib/conjur/escape.rb', line 72

def path_or_query_escape(str)
  return "false" unless str
  str = str.id if str.respond_to?(:id)
  # Leave colons and forward slashes alone
  require 'uri'
  pattern = URI::PATTERN::UNRESERVED + ":\\/@"
  URI.escape(str.to_s, Regexp.new("[^#{pattern}]"))
end

#query_escape(str) ⇒ String

Escape a URI query value.

This method simply calls #path_or_query_escape.

Parameters:

  • str (String)

    the string to escape

Returns:

  • (String)

    the escaped string

See Also:



59
60
61
 
# File 'lib/conjur/escape.rb', line 59

def query_escape(str)
  path_or_query_escape str
end