Diffstat (limited to 'config/initializers')
-rw-r--r--config/initializers/session_store.rb2
-rw-r--r--config/initializers/single_quote_escape_workaround.rb31
2 files changed, 32 insertions, 1 deletions
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index bf40e99c1..a05d2c7d1 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -2,7 +2,7 @@
# Your secret key for verifying cookie session data integrity.
# If you change this key, all old sessions will become invalid!
-# Make sure the secret is at least 30 characters and all random,
+# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
ActionController::Base.session = {
diff --git a/config/initializers/single_quote_escape_workaround.rb b/config/initializers/single_quote_escape_workaround.rb
new file mode 100644
index 000000000..2e713b982
--- /dev/null
+++ b/config/initializers/single_quote_escape_workaround.rb
@@ -0,0 +1,31 @@
+class ERB
+ module Util
+
+ if "html_safe exists".respond_to?(:html_safe)
+ def html_escape(s)
+ s = s.to_s
+ if s.html_safe?
+ s
+ else
+ Rack::Utils.escape_html(s).html_safe
+ end
+ end
+ else
+ def html_escape(s)
+ s = s.to_s
+ Rack::Utils.escape_html(s).html_safe
+ end
+ end
+
+ remove_method :h
+ alias h html_escape
+
+ class << self
+ remove_method :html_escape
+ remove_method :h
+ end
+
+ module_function :html_escape
+ module_function :h
+ end
+end
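Review bot: The fallback `html_escape` in the `else` branch still ends with `.html_safe`, but that branch is only defined when `String` does not respond to `html_safe`, so the first call to `h` there would raise NoMethodError; it should return `Rack::Utils.escape_html(s)` directly. The file also has no header comment explaining why `ERB::Util` is reopened. Going by the file name, the intent is to get single quotes escaped, which matters for values rendered inside single-quoted HTML attributes; a comment such as `# Route h/html_escape through Rack::Utils.escape_html so that ' is escaped too; remove once the framework's own html_escape does this` would tell the next maintainer when the patch can go. It is worth confirming that the bundled Rack version's `escape_html` really escapes `'`, since the workaround depends on it.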