File tree Expand file tree Collapse file tree 3 files changed +19
-5
lines changed
lib/rdoc/generator/template/darkfish Expand file tree Collapse file tree 3 files changed +19
-5
lines changed Original file line number Diff line number Diff line change 1212 <%- end . each do |n , files | -%>
1313 <%- f = files . shift -%>
1414 <%- if files . empty? -%>
15- < li > < a href ="<%= rel_prefix %> / <%= f . path %> "> <%= h f . page_name %> </ a >
15+ < li > < a href ="<%= rel_prefix %> / <%= h f . path %> "> <%= h f . page_name %> </ a >
1616 <%- next -%>
1717 <%- end -%>
1818 < li > < details <% if dir == n %> open <% end %> > < summary > <%
1919 if n == f . page_name
20- %> < a href ="<%= rel_prefix %> / <%= f . path %> "> <%= h n %> </ a > <%
20+ %> < a href ="<%= rel_prefix %> / <%= h f . path %> "> <%= h n %> </ a > <%
2121 else
2222 %> <%= h n %> <% files . unshift ( f )
2323 end %> </ summary >
2424 < ul class ="link-list ">
2525 <%- files . each do |f | -%>
26- < li > < a href ="<%= rel_prefix %> / <%= f . path %> "> <%= h f . page_name %> </ a >
26+ < li > < a href ="<%= rel_prefix %> / <%= h f . path %> "> <%= h f . page_name %> </ a >
2727 <%- end -%>
2828 </ ul > </ details >
2929 <%- end -%>
Original file line number Diff line number Diff line change 88< ul >
99<%- simple_files . sort . each do |file | -%>
1010 < li class ="file ">
11- < a href ="<%= file . path %> "> <%= h file . page_name %> </ a >
11+ < a href ="<%= h file . path %> "> <%= h file . page_name %> </ a >
1212<%
1313 # HACK table_of_contents should not exist on Document
1414 table = file . parse ( file . comment ) . table_of_contents
1515 unless table . empty? then %>
1616 < ul >
1717<%- table . each do |heading | -%>
18- < li > < a href ="<%= file . path %> # <%= heading . aref %> "> <%= heading . plain_html %> </ a >
18+ < li > < a href ="<%= h file . path %> # <%= heading . aref %> "> <%= heading . plain_html %> </ a >
1919<%- end -%>
2020 </ ul >
2121<%- end -%>
Original file line number Diff line number Diff line change @@ -233,6 +233,20 @@ def test_generated_method_with_html_tag_yield
233233 assert_includes method_name , '{ |%<<script>alert("atui")</script>>, yield_arg| ... }'
234234 end
235235
236+ def test_generated_filename_with_html_tag
237+ @store . add_file '"><em>should be escaped'
238+ doc = @store . all_files . last
239+ doc . parser = RDoc ::Parser ::Simple
240+
241+ @g . generate
242+
243+ Dir . glob ( "*.html" , base : @tmpdir ) do |html |
244+ File . read ( File . join ( @tmpdir , html ) ) . scan ( /.*should be escaped.*/ ) do |line |
245+ assert_not_include line , "<em>" , html
246+ end
247+ end
248+ end
249+
236250 def test_template_stylesheets
237251 css = Tempfile . create ( %W' hoge .css ' , Dir . mktmpdir ( 'tmp' , '.' ) )
238252 File . write ( css , '' )
You can’t perform that action at this time.
0 commit comments