Fix engine bug where safe content was marked as unsafe

brightroll · Jul 1, 2014 · 3e11d0f · 3e11d0f
1 parent 2fe314b
commit 3e11d0f
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 3 deletions.
diff --git a/lib/phoenix/html/engine.ex b/lib/phoenix/html/engine.ex
@@ -8,18 +8,18 @@ defmodule Phoenix.Html.Engine do
 
   def handle_text(buffer, text) do
     quote do
-      {:safe, unquote(buffer) <> unquote(text)}
+      {:safe, unquote(Html.unsafe(buffer)) <> unquote(text)}
     end
   end
 
   def handle_expr(buffer, "=", expr) do
     expr   = transform(expr)
     buffer = Html.unsafe(buffer)
 
-    quote do
+    {:safe, quote do
       buff = unquote(buffer)
       buff <> Safe.to_string(unquote(expr))
-    end
+    end}
   end
 
   def handle_expr(buffer, "", expr) do

diff --git a/test/fixtures/templates/within.html.eex b/test/fixtures/templates/within.html.eex
@@ -0,0 +1 @@
+<%= within {MyApp.Views, "layouts/application.html"} do %><%= {:safe, "<>"} %><% end %>
diff --git a/test/phoenix/template/compiler_test.exs b/test/phoenix/template/compiler_test.exs
@@ -38,6 +38,11 @@ defmodule Phoenix.Template.CompilerTest do
     assert html == {:safe, "<html>\n  <body>\n    <div>Show! hello!</div>\n\n  </body>\n</html>\n"}
   end
 
+  test "compiler renders application layout with safe embed" do
+    html = MyApp.Views.render("within.html")
+    assert html == {:safe, "<html>\n  <body>\n    <>\n  </body>\n</html>\n"}
+  end
+
   test "compiler renders application layout with safe nested template" do
     html = MyApp.Views.render("show.html",
       within: {MyApp.Views, "layouts/application.html"},
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		<%= within {MyApp.Views, "layouts/application.html"} do %><%= {:safe, "<>"} %><% end %>