Contents

# frozen_string_literal: true
module Slim
  module Smart
    # Perform smart entity escaping in the
    # expressions `[:slim, :text, type, Expression]`.
    #
    # @api private
    class Escaper < ::Slim::Filter
      define_options smart_text_escaping: true

      def call(exp)
        if options[:smart_text_escaping]
          super
        else
          exp
        end
      end

      def on_slim_text(type, content)
        [:escape, type != :verbatim, [:slim, :text, type, compile(content)]]
      end

      def on_static(string)
        # Prevent obvious &foo; and &#1234; and &#x00ff; entities from escaping.
        block = [:multi]
        until string.empty?
          case string
          when /\A&([a-z][a-z0-9]*|#x[0-9a-f]+|#\d+);/i
            # Entity.
            block << [:escape, false, [:static, $&]]
            string = $'
          when /\A&?[^&]*/
            # Other text.
            block << [:static, $&]
            string = $'
          end
        end
        block
      end
    end
  end
end

Version data entries

7 entries across 7 versions & 2 rubygems

Version	Path
brakeman-7.0.0	bundle/ruby/3.1.0/gems/slim-5.2.1/lib/slim/smart/escaper.rb
brakeman-6.2.2	bundle/ruby/3.1.0/gems/slim-5.2.1/lib/slim/smart/escaper.rb
brakeman-6.2.2.rc1	bundle/ruby/3.3.0/gems/slim-5.2.1/lib/slim/smart/escaper.rb
brakeman-6.2.1	bundle/ruby/3.1.0/gems/slim-5.2.1/lib/slim/smart/escaper.rb
brakeman-6.2.0	bundle/ruby/3.1.0/gems/slim-5.2.1/lib/slim/smart/escaper.rb
slim-5.2.1	lib/slim/smart/escaper.rb
slim-5.2.0	lib/slim/smart/escaper.rb