Sha256: c3ab0dec27e7fc39220f8fb4e28a557c56f92d3145b1555fc96279fc8107b39b

Contents?: true

Size: 852 Bytes

Versions: 4

Compression:

Stored size: 852 Bytes

Contents

module AngularXss

  # Convenience entry point: runs the given block with brace escaping turned
  # off by delegating to Escaper.disable, and returns the block's value.
  #
  # Security note: any string passed to Escaper.escape inside the block comes
  # back with its literal `{{` intact. Keep such blocks as small as possible
  # and limit them to content the application itself authored.
  def self.disable(&block)
    Escaper.disable(&block)
  end


  # Rewrites the opening `{{` marker in strings so that the text is not left
  # in the output as a raw double brace.
  #
  # This class does no HTML escaping of its own; it only replaces `{{`.
  class Escaper

    # Key under Thread.current that holds the "escaping is off" flag.
    # Thread.current[] storage is scoped to the current fiber in Ruby, so
    # threads or fibers started inside a disable block do not inherit the
    # flag and keep escaping.
    XSS_DISABLED_KEY = :_angular_xss_disabled

    # Unused, kept for reference: an earlier, broader matcher that also listed
    # backslash-prefixed and numeric-entity forms of the brace. Nothing below
    # reads it; escape matches only the literal two-character sequence `{{`.
    #BRACE = [
    #  '\\{',
    #  '{',
    #  '{',
    #  '&#x0*7b;',
    #  '&#0*123;',
    #]
    #DOUBLE_BRACE_REGEXP = Regexp.new("(#{BRACE.join('|')})(#{BRACE.join('|')})", Regexp::IGNORECASE)

    class << self

      # Replaces every literal `{{` in +string+ with
      # `{{ $root.DOUBLE_LEFT_CURLY_BRACE }}`.
      #
      # Returns nil when +string+ is nil or false. While escaping is disabled
      # the argument is handed back untouched (same object, no to_s). In every
      # other case the argument is converted with to_s and a new String is
      # returned.
      #
      # NOTE(review): the client application is presumably expected to define
      # DOUBLE_LEFT_CURLY_BRACE on its root scope so the replacement renders
      # as plain braces; that definition is not part of this file. Confirm.
      #
      # Caveat: a lone `{` is left alone, so escape the fully assembled text
      # rather than fragments that are concatenated afterwards.
      def escape(string)
        return unless string
        return string if disabled?

        text = string.to_s
        text.gsub('{{'.freeze, '{{ $root.DOUBLE_LEFT_CURLY_BRACE }}'.freeze)
      end

      # True while the current thread (fiber) is inside a disable block.
      # Always returns a strict boolean, never the stored value itself.
      def disabled?
        Thread.current[XSS_DISABLED_KEY] ? true : false
      end

      # Yields with escaping switched off, then puts the previous flag value
      # back. Restoring the saved value instead of clearing it lets nested
      # calls leave an outer disable block in force. The restore runs in
      # `ensure`, so an exception raised by the block cannot leave escaping
      # disabled for later work on the same thread.
      def disable
        previous = Thread.current[XSS_DISABLED_KEY]
        begin
          Thread.current[XSS_DISABLED_KEY] = true
          yield
        ensure
          Thread.current[XSS_DISABLED_KEY] = previous
        end
      end

    end

  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
angular_xss-0.4.1 lib/angular_xss/escaper.rb
angular_xss-0.4.0 lib/angular_xss/escaper.rb
angular_xss-0.3.1 lib/angular_xss/escaper.rb
angular_xss-0.3.0 lib/angular_xss/escaper.rb