Module: Immunio::ErubisHooks

Extended by:
ActiveSupport::Concern
Defined in:
lib/immunio/plugins/action_view.rb

Overview

Hooks for the ERB template engine. (Default one used in Rails).

Instance Method Summary collapse

Instance Method Details

#add_expr_with_immunio(src, code, indicator) ⇒ Object 



339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
 
# File 'lib/immunio/plugins/action_view.rb', line 339

def add_expr_with_immunio(src, code, indicator)
  # Wrap expressions in the templates to track their rendered value.
  # Do not wrap expressions with blocks, eg.: <%= form_tag do %>
  # TODO should we support blocks?
  Request.time "plugin", "#{Module.nesting[0]}::#{__method__}" do
    unless code =~ BLOCK_EXPR
      # escape unless we see the == indicator
      escape = !(indicator == '==')
      code = Immunio::Template.generate_render_var_code(code, escape)
    end
    Request.pause "plugin", "#{Module.nesting[0]}::#{__method__}" do
      add_expr_without_immunio(src, code, indicator)
    end
  end
end