Merged r14812 (#6969).

git-svn-id: http://svn.redmine.org/redmine/branches/2.6-stable@14836 e93f8b46-1217-0410-a6f0-8f06a7374b81

diff --git a/lib/redcloth3.rb b/lib/redcloth3.rb
index 31a558799ada2aca7b6389f244fb14d1237e92e8..dc10580265a925cfcd88f00dbe57e7623fc166a5 100644 (file)
--- a/lib/redcloth3.rb
+++ b/lib/redcloth3.rb
@@ -1202,7 +1202,7 @@ class RedCloth3 < String
     ALLOWED_TAGS = %w(redpre pre code notextile)
     
     def escape_html_tags(text)
-      text.gsub!(%r{<(\/?([!\w]+)[^<>\n]*)(>?)}) {|m| ALLOWED_TAGS.include?($2) ? "<#{$1}#{$3}" : "&lt;#{$1}#{'&gt;' unless $3.blank?}" }
+      text.gsub!(%r{<(\/?([!\w]+)[^<>\n]*)?(>?)}) {|m| $2 && ALLOWED_TAGS.include?($2) ? "<#{$1}#{$3}" : "&lt;#{$1}#{'&gt;' unless $3.blank?}" }
     end
 end
 

diff --git a/test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb b/test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb
index 5c77355474b83d6548c6441e00d05ce3a7c08ccd..a505b6661f2a0b83ac5bcacfe3e8506db63c49ad 100644 (file)
--- a/test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb
+++ b/test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb
@@ -154,12 +154,19 @@ EXPECTED
     assert_equal expected.gsub(%r{\s+}, ''), to_html(raw).gsub(%r{\s+}, '')
   end
 
-  def test_escaping
+  def test_should_escape_unallowed_tags
     assert_html_output(
       'this is a <script>'      => 'this is a &lt;script&gt;'
     )
   end
 
+  def test_should_escape_less_than_signs
+    assert_html_output(
+      '<'                     => '&lt;',
+      '1 < 2'                 => '1 &lt; 2'
+    )
+  end
+
   def test_use_of_backslashes_followed_by_numbers_in_headers
     assert_html_output({
       'h1. 2009\02\09'      => '<h1>2009\02\09</h1>'