]> source.dussan.org Git - redmine.git/commitdiff
projects / redmine.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fc3a09e)
Validate macro name and options.
authorJean-Philippe Lang <jp_lang@yahoo.fr>
Sat, 18 Aug 2012 12:35:14 +0000 (12:35 +0000)
committerJean-Philippe Lang <jp_lang@yahoo.fr>
Sat, 18 Aug 2012 12:35:14 +0000 (12:35 +0000)
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@10211 e93f8b46-1217-0410-a6f0-8f06a7374b81

lib/redmine/wiki_formatting/macros.rb patch | blob | history

diff --git a/lib/redmine/wiki_formatting/macros.rb b/lib/redmine/wiki_formatting/macros.rb
index 16a3239ee97d19f337ad0a6dd226ccd9f931b45f..a4e43da472a526bd12434dd6f3ff20ca1eb16564 100644 (file)
--- a/lib/redmine/wiki_formatting/macros.rb
+++ b/lib/redmine/wiki_formatting/macros.rb
@@ -125,10 +125,16 @@ module Redmine
         #     # args is a string
         #   end
         def macro(name, options={}, &block)
+          options.assert_valid_keys(:desc, :parse_args)
+          unless name.to_s.match(/\A\w+\z/)
+            raise "Invalid macro name: #{name} (only 0-9, A-Z, a-z and _ characters are accepted)"
+          end
+          unless block_given?
+            raise "Can not create a macro without a block!"
+          end
           name = name.to_sym if name.is_a?(String)
           available_macros[name] = {:desc => @@desc || ''}.merge(options)
           @@desc = nil
-          raise "Can not create a macro without a block!" unless block_given?
           Definitions.send :define_method, "macro_#{name}".downcase, &block
         end
 
Mirror of redmine code source: https://github.com/redmine/redmine