class ActiveSupport::SafeBuffer
Constants
- UNSAFE_STRING_METHODS
- UNSAFE_STRING_METHODS_WITH_BACKREF
Public Class Methods
new(str = "")
click to toggle source
Calls superclass method
# File lib/active_support/core_ext/string/output_safety.rb, line 200 def initialize(str = "") @html_safe = true super end
Public Instance Methods
%(args)
click to toggle source
Calls superclass method
# File lib/active_support/core_ext/string/output_safety.rb, line 257 def %(args) case args when Hash escaped_args = args.transform_values { |arg| explicit_html_escape_interpolated_argument(arg) } else escaped_args = Array(args).map { |arg| explicit_html_escape_interpolated_argument(arg) } end self.class.new(super(escaped_args)) end
*(*)
click to toggle source
Calls superclass method
# File lib/active_support/core_ext/string/output_safety.rb, line 250 def *(*) new_string = super new_safe_buffer = new_string.is_a?(SafeBuffer) ? new_string : SafeBuffer.new(new_string) new_safe_buffer.instance_variable_set(:@html_safe, @html_safe) new_safe_buffer end
+(other)
click to toggle source
# File lib/active_support/core_ext/string/output_safety.rb, line 246 def +(other) dup.concat(other) end
[](*args)
click to toggle source
Calls superclass method
# File lib/active_support/core_ext/string/output_safety.rb, line 181 def [](*args) if html_safe? new_string = super return unless new_string new_safe_buffer = new_string.is_a?(SafeBuffer) ? new_string : SafeBuffer.new(new_string) new_safe_buffer.instance_variable_set :@html_safe, true new_safe_buffer else to_str[*args] end end
[]=(*args)
click to toggle source
Calls superclass method
# File lib/active_support/core_ext/string/output_safety.rb, line 238 def []=(*args) if args.length == 3 super(args[0], args[1], implicit_html_escape_interpolated_argument(args[2])) else super(args[0], implicit_html_escape_interpolated_argument(args[1])) end end
bytesplice(*args, value)
click to toggle source
Calls superclass method
# File lib/active_support/core_ext/string/output_safety.rb, line 222 def bytesplice(*args, value) super(*args, implicit_html_escape_interpolated_argument(value)) end
clone_empty()
click to toggle source
# File lib/active_support/core_ext/string/output_safety.rb, line 210 def clone_empty self[0, 0] end
concat(value)
click to toggle source
Calls superclass method
# File lib/active_support/core_ext/string/output_safety.rb, line 214 def concat(value) unless value.nil? super(implicit_html_escape_interpolated_argument(value)) end self end
Also aliased as: original_concat, <<
encode_with(coder)
click to toggle source
# File lib/active_support/core_ext/string/output_safety.rb, line 280 def encode_with(coder) coder.represent_object nil, to_str end
html_safe?()
click to toggle source
# File lib/active_support/core_ext/string/output_safety.rb, line 268 def html_safe? defined?(@html_safe) && @html_safe end
initialize_copy(other)
click to toggle source
Calls superclass method
# File lib/active_support/core_ext/string/output_safety.rb, line 205 def initialize_copy(other) super @html_safe = other.html_safe? end
insert(index, value)
click to toggle source
Calls superclass method
# File lib/active_support/core_ext/string/output_safety.rb, line 226 def insert(index, value) super(index, implicit_html_escape_interpolated_argument(value)) end
prepend(value)
click to toggle source
Calls superclass method
# File lib/active_support/core_ext/string/output_safety.rb, line 230 def prepend(value) super(implicit_html_escape_interpolated_argument(value)) end
replace(value)
click to toggle source
Calls superclass method
# File lib/active_support/core_ext/string/output_safety.rb, line 234 def replace(value) super(implicit_html_escape_interpolated_argument(value)) end
safe_concat(value)
click to toggle source
# File lib/active_support/core_ext/string/output_safety.rb, line 195 def safe_concat(value) raise SafeConcatError unless html_safe? original_concat(value) end
to_param()
click to toggle source
# File lib/active_support/core_ext/string/output_safety.rb, line 276 def to_param to_str end
to_s()
click to toggle source
# File lib/active_support/core_ext/string/output_safety.rb, line 272 def to_s self end
Private Instance Methods
explicit_html_escape_interpolated_argument(arg)
click to toggle source
# File lib/active_support/core_ext/string/output_safety.rb, line 327 def explicit_html_escape_interpolated_argument(arg) (!html_safe? || arg.html_safe?) ? arg : CGI.escapeHTML(arg.to_s) end
implicit_html_escape_interpolated_argument(arg)
click to toggle source
# File lib/active_support/core_ext/string/output_safety.rb, line 331 def implicit_html_escape_interpolated_argument(arg) if !html_safe? || arg.html_safe? arg else arg_string = begin arg.to_str rescue NoMethodError => error if error.name == :to_str str = arg.to_s ActiveSupport::Deprecation.warn <<~MSG.squish Implicit conversion of #{arg.class} into String by ActiveSupport::SafeBuffer is deprecated and will be removed in Rails 7.1. You must explicitly cast it to a String. MSG str else raise end end CGI.escapeHTML(arg_string) end end
set_block_back_references(block, match_data)
click to toggle source
# File lib/active_support/core_ext/string/output_safety.rb, line 354 def set_block_back_references(block, match_data) block.binding.eval("proc { |m| $~ = m }").call(match_data) rescue ArgumentError # Can't create binding from C level Proc end