This project is archived and is in readonly mode.
[PATCH] Remove unused String#html_safe!
Reported by Cody Fauser | June 13th, 2010 @ 03:02 AM | in 2.3.9
From what I can discern, the String#html_safe!
method is currently not in use and provides no useful functionality
other than raising an exception on both strings and
ActiveSupport::SafeBuffer instances when called. The
method is deprecated in Rails 2.3.6, but hasn't yet been removed in
the master branch. This patch removes the method, which is the only
reference to the html_safe! method in all of
Rails.
Comments and changes to this ticket
-
Rohit Arondekar June 14th, 2010 @ 08:00 AM
- Assigned user set to “José Valim”
Interesting.
I found the reason why html_safe! doesn't actually do anything besides raising an exception:
For performance reasons safe strings are implemented in a way that cannot offer an in-place html_safe! variant.
source: http://edgeguides.rubyonrails.org/active_support_core_extensions.ht...
i.m.h.o I think the method should be removed or at least the exception raised should explain why you cannot call html_safe! on a string.
On that note, +1 to the patch, applies cleanly and tests pass on 1.9.2-head and 1.8.7-p174
-
Neeraj Singh June 14th, 2010 @ 02:33 PM
I would say that this code is self documenting and since html_safe is something a lot of people would encounter in rail3, this method should stay.
-
Cody Fauser June 14th, 2010 @ 02:47 PM
Neeraj,
I disagree.
html_safe!is not a usable method on any object. There is no better way to indicate that you can't call a method than to not implement it and the method is clearly deprecated in Rails 2.3.6. -
Rohit Arondekar June 14th, 2010 @ 02:55 PM
If the method is to be kept I would prefer it if the message is more self explanatory. This will avoid confusion and people filing bug reports.
If anybody agrees with me, I've attached a patch that should explain why the method can't be called. Tested it on 1.8.7-p174 and 1.9.2-head.
-
Rohit Arondekar June 14th, 2010 @ 03:09 PM
For the record I still agree with Cody though, if the method can't be called it shouldn't exist.
-
José Valim June 15th, 2010 @ 12:07 PM
In Rails 2.3.5, the official API was html_safe! However, we found out that it's actually slow and provided another implementation, so we needed to deprecate the old html_safe! method and stop modifying strings in place.
We preferred to use RuntimeError because we wanted to be clear that the html_safe! existed but we changed its behavior. If we raised NoMethodError, developers would be wondering what happened and if they were actually doing something wrong.
But since it was already deprecated on 2.3.6 and it shows a message on 2.3.8, it can be removed for 2.3.9.
I hope this clarify a bit. I will apply this patch later.
-
José Valim June 20th, 2010 @ 11:14 AM
- Milestone set to “2.3.9”
- Assigned user changed from “José Valim” to “Michael Koziarski”
Assigning to Koz to give the final word here since html_safe is his baby.
-
Santiago Pastorino June 20th, 2010 @ 03:58 PM
- State changed from “new” to “resolved”
- Assigned user changed from “Michael Koziarski” to “Santiago Pastorino”
This is already out on 2-3-stable since this commit
http://github.com/rails/rails/commit/60e82a3ca2fe6058292db659c34117...
-
Andrea Campi October 11th, 2010 @ 07:20 AM
- Tag changed from “patch activesupport xss” to “activesupport, patch, xss”
- Importance changed from “” to “Low”
bulk tags cleanup
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile »
<h2 style="font-size: 14px">Tickets have moved to Github</h2>
The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>
Cody Fauser
Damien MATHIEU
Jeremy Kemper
José Valim
Michael Koziarski
Rohit Arondekar
Santiago Pastorino