- Files:
-
- trunk/actionpack/lib/action_controller/routing.rb (modified) (8 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/actionpack/lib/action_controller/routing.rb
r6729 r6730 249 249 # 250 250 module Routing 251 # TODO: , (comma) should be an allowed path character. 251 252 SEPARATORS = %w( / ; . , ? ) 252 253 … … 548 549 549 550 class Segment #:nodoc: 551 # TODO: , (comma) should be an allowed path character. 552 RESERVED_PCHAR = ':@&=+$' 553 UNSAFE_PCHAR = Regexp.new("[^#{URI::REGEXP::PATTERN::UNRESERVED}#{RESERVED_PCHAR}]", false, 'N').freeze 554 550 555 attr_accessor :is_optional 551 556 alias_method :optional?, :is_optional … … 568 573 end 569 574 end 570 575 576 def interpolation_chunk 577 URI.escape(value, UNSAFE_PCHAR) 578 end 579 571 580 # Return a string interpolation statement for this segment and those before it. 572 581 def interpolation_statement(prior_segments) … … 612 621 613 622 def interpolation_chunk 614 raw? ? value : URI.escape(value)623 raw? ? value : super 615 624 end 616 625 617 626 def regexp_chunk 618 chunk = Regexp.escape value627 chunk = Regexp.escape(value) 619 628 optional? ? Regexp.optionalize(chunk) : chunk 620 629 end … … 693 702 694 703 def interpolation_chunk 695 "\#{ CGI.escape(#{local_name}.to_s)}"704 "\#{URI.escape(#{local_name}.to_s, ActionController::Routing::Segment::UNSAFE_PCHAR)}" 696 705 end 697 706 … … 724 733 end 725 734 def match_extraction(next_capture) 726 # All non code-related keys (such as :id, :slug) have to be unescaped as other CGI params 735 # All non code-related keys (such as :id, :slug) are URI-unescaped as 736 # path parameters. 727 737 default_value = default ? default.inspect : nil 728 738 %[ 729 739 value = if (m = match[#{next_capture}]) 730 m = m.gsub('+', '%2B') 731 CGI.unescape(m) 740 URI.unescape(m) 732 741 else 733 742 #{default_value} … … 749 758 end 750 759 751 # Don't URI.escape the controller name, since it may have slashes in it, 752 # like admin/foo. 760 # Don't URI.escape the controller name since it may contain slashes. 753 761 def interpolation_chunk 754 762 "\#{#{local_name}.to_s}" … … 771 779 772 780 class PathSegment < DynamicSegment #:nodoc: 773 EscapedSlash = URI.escape("/") 781 RESERVED_PCHAR = "#{Segment::RESERVED_PCHAR}/" 782 UNSAFE_PCHAR = Regexp.new("[^#{URI::REGEXP::PATTERN::UNRESERVED}#{RESERVED_PCHAR}]", false, 'N').freeze 783 774 784 def interpolation_chunk 775 "\#{URI.escape(#{local_name}.to_s ).gsub(#{EscapedSlash.inspect}, '/')}"785 "\#{URI.escape(#{local_name}.to_s, ActionController::Routing::PathSegment::UNSAFE_PCHAR)}" 776 786 end 777 787
