Try to simplyfiy the ERB patch

makandra · Jun 20, 2024 · efbf0c0 · efbf0c0
1 parent fecdf8b
commit efbf0c0
Showing 1 changed file with 14 additions and 44 deletions.
diff --git a/lib/angular_xss/erb.rb b/lib/angular_xss/erb.rb
@@ -1,6 +1,5 @@
-# Use module_eval so we crash when ERB::Util has not yet been loaded.
-if defined?(ActiveSupport::CoreExt::ERBUtil) && ERB::Util.is_a?(ActiveSupport::CoreExt::ERBUtil)
-  # Rails 7.1+
+if ERB::Util.private_method_defined? :unwrapped_html_escape
+  # Rails 4.2 +
   # https://github.com/rails/rails/blob/main/activesupport/lib/active_support/core_ext/erb/util.rb
   module ERBUtilExt
     def html_escape_once(s)
@@ -17,51 +16,22 @@ def unwrapped_html_escape(s)
 
 else
   ERB::Util.module_eval do
-    if private_method_defined? :unwrapped_html_escape
-      # Rails 4.2 - 7.0
-      # patch ERB::Util#unwrapped_html_escape
-      def unwrapped_html_escape_with_escaping_angular_expressions(s)
-        unwrapped_html_escape_without_escaping_angular_expressions(AngularXss::Escaper.escape_if_unsafe(s))
-      end
+    # Rails < 4.2
 
-      alias_method :unwrapped_html_escape_without_escaping_angular_expressions, :unwrapped_html_escape
-      alias_method :unwrapped_html_escape, :unwrapped_html_escape_with_escaping_angular_expressions
-
-      singleton_class.send(:remove_method, :unwrapped_html_escape)
-      module_function :unwrapped_html_escape
-      module_function :unwrapped_html_escape_without_escaping_angular_expressions
-
-      # patch ERB::Util#html_escape_once
-      def html_escape_once_with_escaping_angular_expressions(s)
-        html_escape_once_without_escaping_angular_expressions(AngularXss::Escaper.escape_if_unsafe(s))
-      end
-
-      alias_method :html_escape_once_without_escaping_angular_expressions, :html_escape_once
-      alias_method :html_escape_once, :html_escape_once_with_escaping_angular_expressions
-
-      singleton_class.send(:remove_method, :html_escape_once)
-      module_function :html_escape_once
-      module_function :html_escape_once_without_escaping_angular_expressions
-    else
-      # Rails < 4.2
-
-      def html_escape_with_escaping_angular_expressions(s)
-        html_escape_without_escaping_angular_expressions(AngularXss::Escaper.escape_if_unsafe(s))
-      end
-
-      alias_method_chain :html_escape, :escaping_angular_expressions
-
-      # Aliasing twice issues a warning "discarding old...". Remove first to avoid it.
-      remove_method(:h)
-      alias h html_escape
+    def html_escape_with_escaping_angular_expressions(s)
+      html_escape_without_escaping_angular_expressions(AngularXss::Escaper.escape_if_unsafe(s))
+    end
 
-      module_function :h
+    alias_method_chain :html_escape, :escaping_angular_expressions
 
-      singleton_class.send(:remove_method, :html_escape)
-      module_function :html_escape
-      module_function :html_escape_without_escaping_angular_expressions
+    # Aliasing twice issues a warning "discarding old...". Remove first to avoid it.
+    remove_method(:h)
+    alias h html_escape
 
-    end
+    module_function :h
 
+    singleton_class.send(:remove_method, :html_escape)
+    module_function :html_escape
+    module_function :html_escape_without_escaping_angular_expressions
   end
 end