consul/grecia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sanitize the output of a dummy component class

Browse Source 
After commit 52ec5094f, we started to get a warning when running out
test suite:

```
WARNING: The #<Class:0x00007958c06fb8e0> component rendered HTML-unsafe
output. The output will be automatically escaped, but you may want to
investigate.
```

The reason is that, for security reasons, since version 3.9.0,
ViewComponent no longer renders unsafe output in the `call` method, so
we need to make sure the rendered text is safe. This is similar to what
Rails automatically does in views with `<%= %>`.

While this change doesn't affect the application (this class is only
used in a test), with it we avoid the warning.
This commit is contained in:
Javi Martín
2024-03-18 20:08:50 +01:00
parent 42eff36bdd
commit 669472c800
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
spec/components/application_component_spec.rb
View File

@@ -6,7 +6,7 @@ describe ApplicationComponent do
component_class = Class.new(ApplicationComponent) do
def call
t("shared.yes")
sanitize(t("shared.yes"))
end
def self.name