class Sqreen::Rules::Haml4ParserTagHookCB
Hooks into the Haml 4 tag parser.
Public Class Methods
new(*args)
Calls superclass method
Sqreen::Rules::RuleCB::new
# File lib/sqreen/rules/xss_cb.rb, line 141
# Builds the callback by forwarding every argument, unchanged, to the
# superclass constructor (Sqreen::Rules::RuleCB), then clears the
# @overtimeable flag on this instance.
#
# @param args [Array] constructor arguments, passed through as-is
def initialize(*args)
  super(*args)
  # NOTE(review): presumably this tells the framework that the callback must
  # still run when its time budget is exceeded; confirm against RuleCB.
  @overtimeable = false
end
Public Instance Methods
post(ret, _inst, _args, _budget = nil, &_block)
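# File lib/sqreen/rules/xss_cb.rb, line 146
# Post-callback for the hooked Haml tag parser. When the parsed tag has HTML
# escaping switched off and its value is marked to be parsed (presumably as a
# Ruby expression), the value is rewritten so that the expression is passed
# through Sqreen.escape_haml.
#
# @param ret the hooked method's return value; must respond to #value with a
#   Hash holding the :escape_html, :value and :parse keys read below
# @param _inst unused
# @param _args unused
# @param _budget unused
# @return [Hash, nil] { :status => :override, :new_return_value => tag } when
#   the tag value was rewritten (the Hash in tag.value is mutated in place),
#   nil when the tag is left untouched
def post(ret, _inst, _args, _budget = nil, &_block)
  # Compare the major version as an integer. The previous string comparison
  # (Haml::VERSION < '5') is lexicographic and would treat '10.0.0' as older
  # than '5'.
  return unless Haml::VERSION.to_i < 5

  tag = ret
  attrs = tag.value
  source = attrs[:value]

  # Only tags that explicitly disabled escaping are candidates.
  return nil unless attrs[:escape_html] == false
  # The value must be string-like; nil or other objects are skipped.
  return nil unless source.respond_to?(:include?)
  # NOTE(review): a substring match on the expression text is a heuristic, not
  # proof that the output is escaped; confirm the coverage is acceptable.
  return nil if source.include?('html_escape')
  return nil unless attrs[:parse] == true

  # The inner parentheses presumably keep the original expression grouped as a
  # single argument to escape_haml.
  attrs[:value] = "Sqreen.escape_haml((#{source}))"
  { :status => :override, :new_return_value => tag }
end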