Fixed that text email templates are escaped (#11355).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@10205 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
parent
327660eb7f
commit
d79bcc4369
|
@ -50,6 +50,41 @@ module ActionView
|
|||
end
|
||||
end
|
||||
|
||||
# Do not HTML escape text templates
|
||||
module ActionView
|
||||
class Template
|
||||
module Handlers
|
||||
class ERB
|
||||
def call(template)
|
||||
if template.source.encoding_aware?
|
||||
# First, convert to BINARY, so in case the encoding is
|
||||
# wrong, we can still find an encoding tag
|
||||
# (<%# encoding %>) inside the String using a regular
|
||||
# expression
|
||||
template_source = template.source.dup.force_encoding("BINARY")
|
||||
|
||||
erb = template_source.gsub(ENCODING_TAG, '')
|
||||
encoding = $2
|
||||
|
||||
erb.force_encoding valid_encoding(template.source.dup, encoding)
|
||||
|
||||
# Always make sure we return a String in the default_internal
|
||||
erb.encode!
|
||||
else
|
||||
erb = template.source.dup
|
||||
end
|
||||
|
||||
self.class.erb_implementation.new(
|
||||
erb,
|
||||
:trim => (self.class.erb_trim_mode == "-"),
|
||||
:escape => template.identifier =~ /\.text/ # only escape HTML templates
|
||||
).src
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
ActionView::Base.field_error_proc = Proc.new{ |html_tag, instance| html_tag || ''.html_safe }
|
||||
|
||||
require 'mail'
|
||||
|
|
|
@ -542,10 +542,27 @@ class MailerTest < ActiveSupport::TestCase
|
|||
end
|
||||
end
|
||||
|
||||
def test_should_escape_html_templates_only
|
||||
Issue.generate!(:project_id => 1, :tracker_id => 1, :subject => 'Subject with a <tag>')
|
||||
mail = last_email
|
||||
assert_equal 2, mail.parts.size
|
||||
assert_include '<tag>', text_part.body.encoded
|
||||
assert_include '<tag>', html_part.body.encoded
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def last_email
|
||||
mail = ActionMailer::Base.deliveries.last
|
||||
assert_not_nil mail
|
||||
mail
|
||||
end
|
||||
|
||||
def text_part
|
||||
last_email.parts.detect {|part| part.content_type.include?('text/plain')}
|
||||
end
|
||||
|
||||
def html_part
|
||||
last_email.parts.detect {|part| part.content_type.include?('text/html')}
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue