Sha256: b857ac842a3bc12ee62f3dd7d4d39536c8bb5acf413cb18dd3701ab6548fc59d

Contents?: true

Size: 777 Bytes

Versions: 3

Compression:

Stored size: 777 Bytes

Contents

module AngularXss

  # Runs the given block with AngularJS brace escaping switched off and
  # returns the block's value. Delegates to Escaper.disable.
  #
  # Everything escaped inside the block keeps its `{{` sequences intact, so
  # the block should only wrap output that untrusted input cannot influence.
  def self.disable(&block)
    Escaper.disable(&block)
  end


  # Neutralises AngularJS interpolation markers in strings by breaking up the
  # opening `{{` delimiter.
  class Escaper

    # Key under which the "escaping disabled" flag is stored in Thread.current.
    XSS_DISABLED_KEY = :_angular_xss_disabled

    # Disabled earlier variant, kept as found: a case-insensitive pattern over
    # several spellings of an opening brace, including the numeric character
    # references for `{` (hex 7b / decimal 123). Nothing below uses it.
    #BRACE = [
    #  '\\{',
    #  '{',
    #  '{',
    #  '&#x0*7b;',
    #  '&#0*123;',
    #]
    #DOUBLE_BRACE_REGEXP = Regexp.new("(#{BRACE.join('|')})(#{BRACE.join('|')})", Regexp::IGNORECASE)

    class << self
      # Returns +string+ untouched while escaping is disabled; otherwise
      # returns a copy in which every literal `{{` is replaced by ` { { `.
      #
      # NOTE(review): only the literal two-character sequence is matched, and
      # only within this one string. Entity-encoded braces are presumably
      # already neutralised by HTML escaping before this runs; confirm at the
      # call site. A `{{` that only forms when two separately escaped strings
      # are joined is not seen here, and a non-default interpolation start
      # symbol would not be covered either.
      def escape(string)
        return string if disabled?

        string.gsub('{{', ' { { ')
      end

      # True when the disabled flag is set for the current execution context.
      def disabled?
        Thread.current[XSS_DISABLED_KEY] ? true : false
      end

      # Sets the disabled flag, yields, and puts the previous flag value back
      # even if the block raises, so nested calls unwind correctly.
      #
      # Thread#[] storage is fiber-local in Ruby, so the flag does not carry
      # into threads or fibers started inside the block; those keep escaping
      # enabled.
      def disable
        previous = Thread.current[XSS_DISABLED_KEY]
        Thread.current[XSS_DISABLED_KEY] = true
        yield
      ensure
        Thread.current[XSS_DISABLED_KEY] = previous
      end
    end

  end
end

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
angular_xss-0.2.2 lib/angular_xss/escaper.rb
angular_xss-0.2.1 lib/angular_xss/escaper.rb
angular_xss-0.2.0 lib/angular_xss/escaper.rb