Erubis 2.6.0 released - a fast and extensible eRuby

Ruby
1

I have released Erubis 2.6.0.
http://www.kuwata-lab.com/erubis/
http://www.kuwata-lab.com/erubis/support/
Erubis is another eRuby implementation which is very fast and
extensible than ERB and eruby.

Enhancements from 2.5.0:

  • Improved support of Ruby on Rails 2.0.2.
    New class ActionView::TemplateHandlers::Erubis is defined and
    registered as default handler of *.html.erb and *.rhtml.

  • ‘<%% %>’ and ‘<%%= %>’ are converted into ‘<% %>’ and ‘<%= %>’
    respectively.
    This is for compatibility with ERB.

    ex1.rhtml:


      <%% for item in @list %>
    • <%%= item %>

      • <%% end %>

    result:
    $ erubis ex1.rhtml


      <% for item in @list %>
    • <%= item %>

      • <% end %>

  • ‘<%= -%>’ removes tailing spaces and newlines.
    This is for compatibiliy with ERB when trim mode is ‘-’.
    ‘<%= =%>’ also removes tailing spaces and newlines, and this is
    Erubis-original enhancement (cooler than ‘<%= -%>’, isn’t it?).

    ex2.rhtml:

    <%= @var -%> # or <%= @var =%>

    result (version 2.6.0):
    $ erubis -c ‘{var: “AAA\n”}’ ex2.rhtml


    AAA

    result (version 2.5.0):
    $ erubis -c ‘{var: “AAA\n”}’ ex2.rhtml


    AAA

    </div>

  • Erubis::Eruby.load_file() now allows you to change cache filename.

    ex.
    eruby = Erubis::Eruby.load_file(“ex3.rhtml”,
    :cachename=>‘ex3.rhtml.cache’)

2

makoto kuwata [email protected] wrote:

I have released Erubis 2.6.0.

i do have the same security prob with this version, here is my Apache2
log :
[Mon May 05 17:51:45 2008] [notice] Apache/2.2.8 (Unix) mod_ssl/2.2.8
OpenSSL/0.9.8g DAV/2 mod_ruby/1.2.6 Ruby/1.8.6(2007-09-24) PHP/5.2.5
configured – resuming normal operations
[Mon May 05 17:53:16 2008] [error] [client 127.0.0.1] File does not
exist: /Users/yt/Sites/favicon.ico
[Mon May 05 17:53:18 2008] [error] mod_ruby: error in ruby
[Mon May 05 17:53:18 2008] [error] mod_ruby:
/opt/local/lib/ruby/gems/1.8/gems/erubis-2.6.0/lib/erubis/evaluator.rb:6
2:in eval': Insecure operation - eval (SecurityError) [Mon May 05 17:53:18 2008] [error] mod_ruby: from /opt/local/lib/ruby/gems/1.8/gems/erubis-2.6.0/lib/erubis/evaluator.rb:6 2:in result’
[Mon May 05 17:53:18 2008] [error] mod_ruby: from
/Users/yt/Sites/erubis/example3.rbx:15
[Mon May 05 17:53:18 2008] [error] mod_ruby: from
/opt/local/lib/ruby/1.8/apache/ruby-run.rb:53:in load' [Mon May 05 17:53:18 2008] [error] mod_ruby: from /opt/local/lib/ruby/1.8/apache/ruby-run.rb:53:in handler’

example3.rbx is the same as yours, i’ve only changed extension to .rbx :
#! /usr/bin/env ruby -wx

example3.rb

require ‘rubygems’
require ‘erubis’

input=File.read(‘example3.eruby’)
eruby=Erubis::EscapedEruby.new(input)

puts “-------- script source —”
puts eruby.src
puts “-------- result ----------”
list=[‘’, ‘b&b’, ‘“ccc”’]
puts eruby.result(binding())

3

[email protected] wrote:

  • Improved support of Ruby on Rails 2.0.2.
    New class ActionView::TemplateHandlers::Erubis is defined and
    registered as default handler of *.html.erb and *.rhtml.

Doesn’t work over here with Rails 2.0.2 and Erubis 2.6.0. The reason is
because ActionView::Base doesn’t have methods
register_default_template_handler nor register_template_handler. Those
are
now in ActionView::Template.

I’ve posted a bug at Erubis’ tracker
(http://rubyforge.org/tracker/index.php?func=detail&aid=20015&group_id=1320&atid=5201)
that includes the simple fix (change “Base.class_eval” to
“Template.class_eval”).

Dave