Project

General

Profile

« Previous | Next » 

Revision 2144

Added by Jean-Philippe Lang over 16 years ago

Escape double-quotes in image titles.

View differences:

trunk/lib/redcloth3.rb
435 435 
    #
436 436 
    # Flexible HTML escaping
437 437 
    #
438 
    def htmlesc( str, mode )
438 
    def htmlesc( str, mode=:Quotes )
439 
      if str
439 440 
        str.gsub!( '&', '&' )
440 441 
        str.gsub!( '"', '"' ) if mode != :NoQuotes
441 442 
        str.gsub!( "'", ''' ) if mode == :Quotes
442 443 
        str.gsub!( '<', '&lt;')
443 444 
        str.gsub!( '>', '&gt;')
445 
      end
446 
      str
444 447 
    end
445 448 

  		




  446
  449
  
    
    # Search and replace for Textile glyphs (quotes, dashes, other symbols)


  		




  ......




  914
  917
  
    
    def inline_textile_image( text ) 


  		




  915
  918
  
    
        text.gsub!( IMAGE_RE )  do |m|


  		




  916
  919
  
    
            stln,algn,atts,url,title,href,href_a1,href_a2 = $~[1..8]


  		




  
  920
  
    
            htmlesc title


  		




  917
  921
  
    
            atts = pba( atts )


  		




  918
  922
  
    
            atts = " src=\"#{ url }\"#{ atts }"


  		




  919
  923
  
    
            atts << " title=\"#{ title }\"" if title


  		












  

    
      trunk/test/unit/helpers/application_helper_test.rb
    
  





  70
  70
  
    
      'floating !>http://foo.bar/image.jpg!' => 'floating <div style="float:right"><img src="http://foo.bar/image.jpg" alt="" /></div>',


  		




  71
  71
  
    
      'with class !(some-class)http://foo.bar/image.jpg!' => 'with class <img src="http://foo.bar/image.jpg" class="some-class" alt="" />',


  		




  72
  72
  
    
      'with style !{width:100px;height100px}http://foo.bar/image.jpg!' => 'with style <img src="http://foo.bar/image.jpg" style="width:100px;height100px;" alt="" />',


  		




  
  73
  
    
      'with title !http://foo.bar/image.jpg(This is a title)!' => 'with title <img src="http://foo.bar/image.jpg" title="This is a title" alt="This is a title" />',


  		




  
  74
  
    
      'with title !http://foo.bar/image.jpg(This is a double-quoted "title")!' => 'with title <img src="http://foo.bar/image.jpg" title="This is a double-quoted &quot;title&quot;" alt="This is a double-quoted &quot;title&quot;" />',


  		




  73
  75
  
    
    }


  		




  74
  76
  
    
    to_test.each { |text, result| assert_equal "<p>#{result}</p>", textilizable(text) }


  		




  75
  77
  
    
  end


  		












Also available in:  Unified diff