Make template_format checking use a whitelist#16
Make template_format checking use a whitelist#16gerrywastaken wants to merge 1 commit intoduncanbeevers:masterfrom
Conversation
Code such as the follow contains :html in the
template_formats list, but is made invalid if a html
comment is appended to it.
```ruby
render(
partial: 'scss partial',
locals: { main_color: '#f0f' },
formats: :scss
)
```
I've changed the template_format checking code so that
it only applies the template when we are absoutely
certain that the template is in the expected format.
|
Do you see any issues with this change? |
|
@gerrywastaken I haven't touched this gem in several years. The change seems reasonable but I don't have any day-to-day interaction with the gem by which to measure the value of the change. |
|
I'm not sure where to go from here, but what you have said is very understandable. Thanks for looking over the change anyway. |
|
@gerrywastaken
|
|
I'm thinking either option 2 or 3. What would you prefer? |
|
@gerrywastaken My apologies; this fell off my radar. |
|
@duncanbeevers No worries at all. You can send it to ['rubygems', 'caulfield.me'].join('@');-) |
|
@gerrywastaken In order to become a gem owner, you must have a rubygems.org account registered with the given email address. |
|
@gerrywastaken Could u give me ownership so I can merge this fix? My email is Actually, would you mind also giving commit access to this repo? That should make things easier too |
|
@suan Oh I'm not a maintainer yet. @duncanbeevers Super sorry I missed your first comment. Suan's comment alerted me to it. It looks like I got the email slightly wrong. It's actually: Or you could add @suan instead. |
3 participants
Code such as the follow contains :html in the
template_formats list, but is made invalid if a html
comment is appended to it.
I've changed the template_format checking code so that
it only applies the template when we are absoutely
certain that the template is in the expected format.