Escape HTML comment tags (#1160).

git-svn-id: http://redmine.rubyforge.org/svn/trunk@1403 e93f8b46-1217-0410-a6f0-8f06a7374b81

Escape HTML comment tags (#1160).
git-svn-id: http://redmine.rubyforge.org/svn/trunk@1403 e93f8b46-1217-0410-a6f0-8f06a7374b81
7a969daf · Jean-Philippe Lang · 7f8d9591 · 7a969daf · 7a969daf
Commit 7a969daf authored May 02, 2008 by Jean-Philippe Lang
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

redcloth.rb lib/redcloth.rb +1 -1

application_helper_test.rb test/unit/helpers/application_helper_test.rb +2 -0

No files found.
--- a/lib/redcloth.rb
+++ b/lib/redcloth.rb
@@ -1134,7 +1134,7 @@ class RedCloth < String
    ALLOWED_TAGS = %w(redpre pre code)
    
    def escape_html_tags(text)
-      text.gsub!(%r{<(\/?(\w+)[^>\n]*)(>?)}) {|m| ALLOWED_TAGS.include?($2) ? "<#{$1}#{$3}" : "&lt;#{$1}#{'&gt;' if $3}" }
+      text.gsub!(%r{<(\/?([!\w]+)[^<>\n]*)(>?)}) {|m| ALLOWED_TAGS.include?($2) ? "<#{$1}#{$3}" : "&lt;#{$1}#{'&gt;' unless $3.blank?}" }
    end
 end

--- a/test/unit/helpers/application_helper_test.rb
+++ b/test/unit/helpers/application_helper_test.rb
@@ -141,6 +141,8 @@ class ApplicationHelperTest < HelperTestCase
      "<pre>\nline 1\nline2</pre>" => "<pre>\nline 1\nline2</pre>",
      "<pre><code>\nline 1\nline2</code></pre>" => "<pre><code>\nline 1\nline2</code></pre>",
      "<pre><div>content</div></pre>" => "<pre>&lt;div&gt;content&lt;/div&gt;</pre>",
+      "HTML comment: <!-- no comments -->" => "<p>HTML comment: &lt;!-- no comments --&gt;</p>",
+      "<!-- opening comment" => "<p>&lt;!-- opening comment</p>"
    }
    to_test.each { |text, result| assert_equal result, textilizable(text) }
  end