html_safe: Consider to_json safe

This also fixes shopping_cart tests

html_safe: Consider to_json safe
This also fixes shopping_cart tests
Braulio Bhavamitra
1 parent 9fb3ad5a
Showing 3 changed files with 32 additions and 1 deletions Show diff stats
config/initializers/html_safe.rb
plugins/delivery/lib/delivery_plugin/display_helper.rb
plugins/shopping_cart/features/delivery_client.feature
@@ -0,0 +1,26 @@
+##
+# Object based copy of http://apidock.com/rails/ActionView/Helpers/OutputSafetyHelper/safe_join
+# array.safe_join instead of safe_join(array)
+#
+class Array
+  def safe_join sep=nil
+    sep = ERB::Util.unwrapped_html_escape sep
+
+    self.flatten.map!{ |i| ERB::Util.unwrapped_html_escape i }.join(sep).html_safe
+  end
+end
+
+##
+# Just use .to_json instead of .to_json.html_safe
+# as escape_html_entities_in_json is default on rails.
+# http://stackoverflow.com/a/31774454/670229
+#
+ActiveSupport::JSON::Encoding.escape_html_entities_in_json = true
+ActiveSupport::JSON.class_eval do
+  module EncodeWithHtmlSafe
+    def encode *args
+      super.html_safe
+    end
+  end
+  singleton_class.prepend EncodeWithHtmlSafe
+end
@@ -15,7 +15,7 @@ module DeliveryPlugin::DisplayHelper
       content_tag :option, text, value: method.id,
         data: {label: method.name, type: method.delivery_type, instructions: CGI::escapeHTML(method.description.to_s)},
         selected: if method.id == selected then 'selected' else nil end
-    end.join
+    end.safe_join
   end
   def consumer_delivery_field_value order, field
@@ -64,10 +64,15 @@ Feature: delivery client
   Scenario: gets free delivery due to free over price
     Given I follow "Add to basket"
     And I follow "Add to basket"
+    And I wait 0.2 seconds to finish the request
     And I follow "Add to basket"
+    And I wait 0.2 seconds to finish the request
     And I follow "Add to basket"
+    And I wait 0.2 seconds to finish the request
     And I follow "Add to basket"
+    And I wait 0.2 seconds to finish the request
     And I follow "Add to basket"
+    And I wait 0.2 seconds to finish the request
     And I should see "Show basket"
     And I follow "Show basket"
     And I wait 1 second for animations
@@ -0,0 +1,26 @@		@@ -0,0 +1,26 @@
	1	+##
	2	+# Object based copy of http://apidock.com/rails/ActionView/Helpers/OutputSafetyHelper/safe_join
	3	+# array.safe_join instead of safe_join(array)
	4	+#
	5	+class Array
	6	+ def safe_join sep=nil
	7	+ sep = ERB::Util.unwrapped_html_escape sep
	8	+
	9	+ self.flatten.map!{ \|i\| ERB::Util.unwrapped_html_escape i }.join(sep).html_safe
	10	+ end
	11	+end
	12	+
	13	+##
	14	+# Just use .to_json instead of .to_json.html_safe
	15	+# as escape_html_entities_in_json is default on rails.
	16	+# http://stackoverflow.com/a/31774454/670229
	17	+#
	18	+ActiveSupport::JSON::Encoding.escape_html_entities_in_json = true
	19	+ActiveSupport::JSON.class_eval do
	20	+ module EncodeWithHtmlSafe
	21	+ def encode *args
	22	+ super.html_safe
	23	+ end
	24	+ end
	25	+ singleton_class.prepend EncodeWithHtmlSafe
	26	+end
	@@ -15,7 +15,7 @@ module DeliveryPlugin::DisplayHelper		@@ -15,7 +15,7 @@ module DeliveryPlugin::DisplayHelper
15	content_tag :option, text, value: method.id,	15	content_tag :option, text, value: method.id,
16	data: {label: method.name, type: method.delivery_type, instructions: CGI::escapeHTML(method.description.to_s)},	16	data: {label: method.name, type: method.delivery_type, instructions: CGI::escapeHTML(method.description.to_s)},
17	selected: if method.id == selected then 'selected' else nil end	17	selected: if method.id == selected then 'selected' else nil end
18	- end.join	18	+ end.safe_join
19	end	19	end
20		20
21	def consumer_delivery_field_value order, field	21	def consumer_delivery_field_value order, field