Contents

# http://jfire.io/blog/2012/04/30/how-to-securely-bootstrap-json-in-a-rails-view/
class ActionView::Base

  JSON_ESCAPE_MAP = {
    "/" => '\/'
  }

  if "ruby".encoding_aware?
    JSON_ESCAPE_MAP["\342\200\250".force_encoding('UTF-8').encode!] = '
'
    JSON_ESCAPE_MAP["\342\200\251".force_encoding('UTF-8').encode!] = '
'
  else
    JSON_ESCAPE_MAP["\342\200\250"] = '
'
    JSON_ESCAPE_MAP["\342\200\251"] = '
'
  end

  def escape_json(json)
    if json
      result = json.gsub(/(\/|\342\200\250|\342\200\251)/u) { |match| JSON_ESCAPE_MAP[match] }
      json.html_safe? ? result.html_safe : result
    else
      ''
    end
  end

end

Version data entries

26 entries across 26 versions & 1 rubygems

Version	Path
locomotive_cms-2.5.7	lib/locomotive/rails/action_view.rb
locomotive_cms-2.5.6	lib/locomotive/rails/action_view.rb
locomotive_cms-2.5.6.rc2	lib/locomotive/rails/action_view.rb
locomotive_cms-2.5.6.rc1	lib/locomotive/rails/action_view.rb
locomotive_cms-2.5.5	lib/locomotive/rails/action_view.rb
locomotive_cms-2.5.4	lib/locomotive/rails/action_view.rb
locomotive_cms-2.5.3	lib/locomotive/rails/action_view.rb
locomotive_cms-2.5.2	lib/locomotive/rails/action_view.rb
locomotive_cms-2.5.1	lib/locomotive/rails/action_view.rb
locomotive_cms-2.5.0	lib/locomotive/rails/action_view.rb
locomotive_cms-2.5.0.rc3	lib/locomotive/rails/action_view.rb
locomotive_cms-2.5.0.rc2	lib/locomotive/rails/action_view.rb
locomotive_cms-2.5.0.rc1	lib/locomotive/rails/action_view.rb
locomotive_cms-2.4.1	lib/locomotive/rails/action_view.rb
locomotive_cms-2.4.0	lib/locomotive/rails/action_view.rb
locomotive_cms-2.3.1	lib/locomotive/rails/action_view.rb
locomotive_cms-2.3.0	lib/locomotive/rails/action_view.rb
locomotive_cms-2.2.3	lib/locomotive/rails/action_view.rb
locomotive_cms-2.2.2	lib/locomotive/rails/action_view.rb
locomotive_cms-2.2.1	lib/locomotive/rails/action_view.rb