Module Haml::Helpers::XssMods
In: lib/haml/helpers/xss_mods.rb

This module overrides Haml helpers to work properly in the context of ActionView. Currently it‘s only used for modifying the helpers to work with Rails’ XSS protection methods.

Methods

Public Class methods

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 8
 8:       def self.included(base)
 9:         %w[html_escape find_and_preserve preserve list_of surround
10:            precede succeed capture_haml haml_concat haml_indent
11:            haml_tag escape_once].each do |name|
12:           base.send(:alias_method, "#{name}_without_haml_xss", name)
13:           base.send(:alias_method, name, "#{name}_with_haml_xss")
14:         end
15:       end

Public Instance methods

Output is always HTML safe

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 60
60:       def capture_haml_with_haml_xss(*args, &block)
61:         Haml::Util.html_safe(capture_haml_without_haml_xss(*args, &block))
62:       end

Output is always HTML safe

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 82
82:       def escape_once_with_haml_xss(*args)
83:         Haml::Util.html_safe(escape_once_without_haml_xss(*args))
84:       end

Output is always HTML safe

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 26
26:       def find_and_preserve_with_haml_xss(*args, &block)
27:         Haml::Util.html_safe(find_and_preserve_without_haml_xss(*args, &block))
28:       end

Input is escaped

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 65
65:       def haml_concat_with_haml_xss(text = "")
66:         haml_concat_without_haml_xss(@_haml_concat_raw ? text : haml_xss_html_escape(text))
67:       end

Output is always HTML safe

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 70
70:       def haml_indent_with_haml_xss
71:         Haml::Util.html_safe(haml_indent_without_haml_xss)
72:       end

Input is escaped, haml_concat‘ed output is always HTML safe

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 75
75:       def haml_tag_with_haml_xss(name, *rest, &block)
76:         name = haml_xss_html_escape(name.to_s)
77:         rest.unshift(haml_xss_html_escape(rest.shift.to_s)) unless [Symbol, Hash, NilClass].any? {|t| rest.first.is_a? t}
78:         with_raw_haml_concat {haml_tag_without_haml_xss(name, *rest, &block)}
79:       end

Don‘t escape text that‘s already safe, output is always HTML safe

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 19
19:       def html_escape_with_haml_xss(text)
20:         str = text.to_s
21:         return text if str.html_safe?
22:         Haml::Util.html_safe(html_escape_without_haml_xss(str))
23:       end

Output is always HTML safe

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 36
36:       def list_of_with_haml_xss(*args, &block)
37:         Haml::Util.html_safe(list_of_without_haml_xss(*args, &block))
38:       end

Input is escaped, output is always HTML safe

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 50
50:       def precede_with_haml_xss(str, &block)
51:         Haml::Util.html_safe(precede_without_haml_xss(haml_xss_html_escape(str), &block))
52:       end

Output is always HTML safe

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 31
31:       def preserve_with_haml_xss(*args, &block)
32:         Haml::Util.html_safe(preserve_without_haml_xss(*args, &block))
33:       end

Input is escaped, output is always HTML safe

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 55
55:       def succeed_with_haml_xss(str, &block)
56:         Haml::Util.html_safe(succeed_without_haml_xss(haml_xss_html_escape(str), &block))
57:       end

Input is escaped, output is always HTML safe

[Source]

    # File lib/haml/helpers/xss_mods.rb, line 41
41:       def surround_with_haml_xss(front, back = front, &block)
42:         Haml::Util.html_safe(
43:           surround_without_haml_xss(
44:             haml_xss_html_escape(front),
45:             haml_xss_html_escape(back),
46:             &block))
47:       end

[Validate]