author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2012-08-13 19:05:42 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2012-08-13 19:05:42 +0000 |
commit | d79bcc43690f1607dc7c87bea2007048a1950ec4 (patch) | |
tree | fbb64c1d0d343020540f833d5983e5b4a8cd59f3 | |
parent | 327660eb7f7e3e7339dd1fead1404bda10e09c13 (diff) | |
Fixed that text email templates are escaped (#11355).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@10205 e93f8b46-1217-0410-a6f0-8f06a7374b81
-rw-r--r-- | config/initializers/10-patches.rb | 35 | ||||
-rw-r--r-- | test/unit/mailer_test.rb | 19 |
2 files changed, 53 insertions, 1 deletions
diff --git a/config/initializers/10-patches.rb b/config/initializers/10-patches.rb
index e4a110cfa..c2d0a5fad 100644
--- a/config/initializers/10-patches.rb
+++ b/config/initializers/10-patches.rb
@@ -50,6 +50,41 @@ module ActionView
 end
 end
 
+# Do not HTML escape text templates
+module ActionView
+ class Template
+ module Handlers
+ class ERB
+ def call(template)
+ if template.source.encoding_aware?
+ # First, convert to BINARY, so in case the encoding is
+ # wrong, we can still find an encoding tag
+ # (<%# encoding %>) inside the String using a regular
+ # expression
+ template_source = template.source.dup.force_encoding("BINARY")
+
+ erb = template_source.gsub(ENCODING_TAG, '')
+ encoding = $2
+
+ erb.force_encoding valid_encoding(template.source.dup, encoding)
+
+ # Always make sure we return a String in the default_internal
+ erb.encode!
+ else
+ erb = template.source.dup
+ end
+
+ self.class.erb_implementation.new(
+ erb,
+ :trim => (self.class.erb_trim_mode == "-"),
+ :escape => template.identifier =~ /\.text/ # only escape HTML templates
+ ).src
+ end
+ end
+ end
+ end
+end
+
 ActionView::Base.field_error_proc = Proc.new{ |html_tag, instance| html_tag || ''.html_safe }
 
 require 'mail'
diff --git a/test/unit/mailer_test.rb b/test/unit/mailer_test.rb
index 3721ad497..ae755a51a 100644
--- a/test/unit/mailer_test.rb
+++ b/test/unit/mailer_test.rb
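Review bot: The `:escape` option in the new `call` is decided by an unanchored `/\.text/` match against `template.identifier`, so any template whose identifier merely contains `.text` (a directory name, or an HTML view named along the lines of `x.textile.html.erb`) would also have escaping of its `<%= %>` output switched off. If the identifier is the template's path, as it appears to be, anchoring the match to the trailing format segment is safer, for example `:escape => !!(template.identifier =~ /\.text\.erb\z/)`, assuming text templates are all named `*.text.erb`. The inline comment `# only escape HTML templates` also reads backwards next to an option that is truthy for text templates; something like `# a truthy :escape makes <%= %> emit raw output, so set it for text templates only` would guard against a later inversion. Because this reopens and replaces the framework's `ERB#call` wholesale, a comment naming the Rails version the body was copied from would help whoever re-checks it on upgrade.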
@@ -542,10 +542,27 @@ class MailerTest < ActiveSupport::TestCase
 end
 end
 
-private
+ def test_should_escape_html_templates_only
+ Issue.generate!(:project_id => 1, :tracker_id => 1, :subject => 'Subject with a <tag>')
+ mail = last_email
+ assert_equal 2, mail.parts.size
+ assert_include '<tag>', text_part.body.encoded
+ assert_include '<tag>', html_part.body.encoded
+ end
+
+ private
+
 def last_email
 mail = ActionMailer::Base.deliveries.last
 assert_not_nil mail
 mail
 end
+
+ def text_part
+ last_email.parts.detect {|part| part.content_type.include?('text/plain')}
+ end
+
+ def html_part
+ last_email.parts.detect {|part| part.content_type.include?('text/html')}
+ end
 end
|
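Review bot: The last assertion in `test_should_escape_html_templates_only`, as rendered on this page, expects the same raw `<tag>` in the HTML part as in the text part, which would not show that the HTML part is escaped. The page may simply have decoded an `&lt;tag&gt;` literal, so this is worth confirming against the file. Either way the security property is only pinned by a negative check, for example `assert !html_part.body.encoded.include?('<tag>')`. The new `text_part` and `html_part` helpers return nil when no part matches, so a missing part surfaces as a NoMethodError rather than a failed assertion; an `assert_not_nil` on each part before reading `.body` would make the failure readable.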