This project is archived and is in readonly mode.

#98 ✓wontfix
Aamer

h method is not aliased properly

Reported by Aamer | May 3rd, 2008 @ 09:20 AM

When you call html_escape(string) in a template, it will call the one defined in lib/action_view/template_handlers/erb.rb.

However, if you call h instead of html_escape, it will call the original method defined in the Ruby ERB library, not the one defined in action_view. This should be properly aliased to make the two method calls identical.

The attached patch is a quick fix I made for actionpack 2.0.2; you can apply it to lib/action_view/template_handlers/erb.rb.

Comments and changes to this ticket

  • Aamer
  • Pratik

    Pratik May 11th, 2008 @ 07:16 PM

    • State changed from “new” to “incomplete”
    • Title changed from “[PATCH] h method is not aliased properly” to “h method is not aliased properly”

    Could you please add tests for cases that are affected by this behavior ?

    Thanks.

  • Aamer

    Aamer May 12th, 2008 @ 06:20 AM

    The thing is that I cannot really write a test for it unless I redefine ERB::Util::HTML_ESCAPE, because there is no loss in functionality. The only time the two methods would behave differently is if the value of this constant was changed to something else

    ... And I don't think it's conventional to redefine Rails constants for the purposes of testing (correct me if I'm wrong).

    Even though there is no change in functionality, this is still a design flaw as far as I'm concerned. Since html_escape is redefined by ActionView, then h should also be redefined since they are supposed to be the same method. This is what my patch does by calling alias_method.

    Alternatively, the Rails team could simply remove the fist few lines of action_view/template_handlers/erb.rb so that the html_escape method is not redefined by Rails. The default method provided by ERB does the exact same thing (although with less "pretty" code) ... but what is the point of redefining a method if you're not changing any functionality?

  • Jeremy Kemper

    Jeremy Kemper May 12th, 2008 @ 07:10 AM

    but what is the point of redefining a method if you're not changing any functionality?

    to improve performance

  • Aamer

    Aamer May 12th, 2008 @ 07:16 AM

    Fair enough. In that case, I can't really write a performance-based test, so any other suggestions would be welcome.

  • Prem Sichanugrist (sikachu)

    Prem Sichanugrist (sikachu) January 22nd, 2010 @ 08:55 AM

    • Tag set to actionpack, patch
    • State changed from “incomplete” to “wontfix”
  • Wolfram Arnold

    Wolfram Arnold May 31st, 2010 @ 10:05 PM

    Something got broken here recently (with 2.3.8). The h method appears to no longer escape, but calling html_escape does. This started showing up in 2.3.8, but was not an issue in 2.3.5

  • Santiago Pastorino

    Santiago Pastorino June 1st, 2010 @ 02:00 AM

    Wolfram, can you provide a test case or show the code you are trying please?

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2 style="font-size: 14px">Tickets have moved to Github</h2>

The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>

Attachments

Pages