Here’s a patch to rexml/xpath.rb which documents the variables parameter
in REXML::XPath.
— xpath.rb.old 2008-04-24 17:31:51.000000000 -0500
+++ xpath.rb 2008-04-24 17:37:38.000000000 -0500
@@ -15,10 +15,15 @@
# node matching ‘*’.
# namespaces::
# If supplied, a Hash which defines a namespace mapping.
-
variables::
-
If supplied, a Hash which maps $variables in the query
-
to values. This can be used to avoid XPath injection
attacks
-
or to automatically handle escaping string values.
XPath.first( node )
XPath.first( doc, “//b”} )
XPath.first( node, “a/x:b”, { “x”=>“http://doofus” } )
-
XPath.first( node, ‘/book/publisher/text()=$publisher’, {},
{“publisher”=>“O’Reilly”})
def XPath::first element, path=nil, namespaces=nil, variables={}
raise “The namespaces argument, if supplied, must be a hash
object.” unless namespaces.nil? or namespaces.kind_of?(Hash)
raise “The variables argument, if supplied, must be a hash
object.” unless variables.kind_of?(Hash)
@@ -38,10 +43,16 @@
# The xpath to search for. If not supplied or nil, defaults to
‘*’
# namespaces::
# If supplied, a Hash which defines a namespace mapping
-
variables::
-
If supplied, a Hash which maps $variables in the query
-
to values. This can be used to avoid XPath injection
attacks
-
or to automatically handle escaping string values.
XPath.each( node ) { |el| … }
XPath.each( node, ‘/*[@attr=‘v’]’ ) { |el| … }
XPath.each( node, ‘ancestor::x’ ) { |el| … }
-
XPath.each( node, ‘/book/publisher/text()=$publisher’, {},
{“publisher”=>“O’Reilly”}) \
-
{|el| … }
def XPath::each element, path=nil, namespaces=nil, variables={},
&block
raise “The namespaces argument, if supplied, must be a hash
object.” unless namespaces.nil? or namespaces.kind_of?(Hash)
raise “The variables argument, if supplied, must be a hash
object.” unless variables.kind_of?(Hash)