Diffstat (limited to 'lib/erubis/helpers/rails_helper.rb')
-rw-r--r-- | lib/erubis/helpers/rails_helper.rb | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/erubis/helpers/rails_helper.rb b/lib/erubis/helpers/rails_helper.rb index 526dddf..14a0b1c 100644 --- a/lib/erubis/helpers/rails_helper.rb +++ b/lib/erubis/helpers/rails_helper.rb @@ -6,6 +6,7 @@ require 'erubis' +require 'cgi' module Erubis @@ -227,7 +228,10 @@ class ActionView::Base # :nodoc: alias _x _expr alias _? _expr def _decode(arg) - return arg.to_s.gsub(/<%=(.*?)%>/, '<%=\1%>').gsub(/%3C%25%3D(.*?)%25%3E/, '<%=\1%>') + arg = arg.to_s + arg.gsub!(/%3C%25%3D(.*?)%25%3E/) { "<%=#{CGI.unescape($1)}%>" } + arg.gsub!(/<%=(.*?)%>/) { "<%=#{CGI.unescapeHTML($1)}%>" } + return arg end ## --------------------- |
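Review bot: In `_decode`, `arg.to_s` returns the receiver itself when `arg` is already a String, so the two `gsub!` calls rewrite the caller's string in place and raise on a frozen one; `arg = arg.to_s.dup`, or chaining the non-bang `gsub` as the removed line did, keeps the method free of side effects. The text decoded by `CGI.unescape` and `CGI.unescapeHTML` is written back between `<%=` and `%>`, so it presumably runs as Ruby in the later template pass. A comment such as `# arg must be built from template-author expressions only, never request data: the decoded text is emitted as <%= %> code` would record that trust boundary. As the patterns are displayed here, the second `gsub!` would also re-match the `<%=...%>` the first one just produced and decode it a second time. If the real second pattern is the entity-escaped form this does not apply, but a test with a URL-encoded expression that contains an encoded entity (e.g. `%26lt%3B`) would settle it.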