Module: Haml::Template

Extended by:
Template
Included in:
Template
Defined in:
lib/haml/template.rb,
lib/haml/template/options.rb

Overview

The class that keeps track of the global options for Haml within Rails.

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#options{Symbol => Object}

The options hash for Haml when used within Rails. See the Haml options documentation.

Returns:

  • ({Symbol => Object})


14
15
16
# File 'lib/haml/template/options.rb', line 14

def options
  @options
end

Instance Method Details

#try_enabling_xss_integrationBoolean

Enables integration with the Rails 2.2.5+ XSS protection, if it's available and enabled.

Returns:

  • (Boolean)

    Whether the XSS integration was enabled.



18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# File 'lib/haml/template.rb', line 18

def try_enabling_xss_integration
  return false unless (ActionView::Base.respond_to?(:xss_safe?) && ActionView::Base.xss_safe?) ||
    # We check for ActiveSupport#on_load here because if we're loading Haml that way, it means:
    # A) we're in Rails 3 so XSS support is always on, and
    # B) we might be in Rails 3 beta 3 where the load order is broken and xss_safe? is undefined
    (defined?(ActiveSupport) && Haml::Util.has?(:public_method, ActiveSupport, :on_load))

  Haml::Template.options[:escape_html] = true

  Haml::Util.module_eval {def rails_xss_safe?; true; end}

  require 'haml/helpers/xss_mods'
  Haml::Helpers.send(:include, Haml::Helpers::XssMods)

  Haml::Compiler.module_eval do
    def precompiled_method_return_value_with_haml_xss
      "::Haml::Util.html_safe(#{precompiled_method_return_value_without_haml_xss})"
    end
    alias_method :precompiled_method_return_value_without_haml_xss, :precompiled_method_return_value
    alias_method :precompiled_method_return_value, :precompiled_method_return_value_with_haml_xss
  end

  true
end