From d862fc2dc1cfaa1b99107df64dd35f897d9011a7 Mon Sep 17 00:00:00 2001 From: Lachlan Sylvester Date: Tue, 26 Jan 2010 22:57:23 +1100 Subject: [PATCH] mail_to should return an html_safe string when :encode is set to javascript --- actionpack/lib/action_view/helpers/url_helper.rb | 2 +- actionpack/test/template/url_helper_test.rb | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletions(-) diff --git a/actionpack/lib/action_view/helpers/url_helper.rb b/actionpack/lib/action_view/helpers/url_helper.rb index 511386f..cdc5500 100644 --- a/actionpack/lib/action_view/helpers/url_helper.rb +++ b/actionpack/lib/action_view/helpers/url_helper.rb @@ -482,7 +482,7 @@ module ActionView "document.write('#{content_tag("a", name || email_address_obfuscated, html_options.merge({ "href" => "mailto:"+email_address+extras }))}');".each_byte do |c| string << sprintf("%%%x", c) end - "" + "".html_safe! elsif encode == "hex" email_address_encoded = '' email_address_obfuscated.each_byte do |c| diff --git a/actionpack/test/template/url_helper_test.rb b/actionpack/test/template/url_helper_test.rb index d4b58ef..573c8ca 100644 --- a/actionpack/test/template/url_helper_test.rb +++ b/actionpack/test/template/url_helper_test.rb @@ -378,6 +378,12 @@ class UrlHelperTest < ActionView::TestCase assert_dom_equal "", mail_to("me@domain.com", "My email", :encode => "javascript", :replace_at => "(at)", :replace_dot => "(dot)") assert_dom_equal "", mail_to("me@domain.com", nil, :encode => "javascript", :replace_at => "(at)", :replace_dot => "(dot)") end + + def test_mail_to_is_html_safe + assert mail_to("me@domain.com", "My email", :encode => "hex").html_safe? + assert mail_to("me@domain.com", "My email", :encode => "javascript").html_safe? + assert mail_to("me@domain.com", "My email").html_safe? + end def protect_against_forgery? false -- 1.6.2.463.g49750f