Removed Array#safe_join in AS core_ext and moved it to a view helper with the...

Removed Array#safe_join in AS core_ext and moved it to a view helper with the same same. This also changes how safe_join works, if items or the separator are not html_safe they are html_escape'd, a html_safe string is always returned.
Signed-off-by: NJosé Valim <jose.valim@gmail.com>

actionpack/lib/action_view/helpers.rb

@@ -18,7 +18,7 @@ module Helpers #:nodoc:
     autoload :JavaScriptHelper, "action_view/helpers/javascript_helper"
     autoload :NumberHelper
     autoload :PrototypeHelper
-    autoload :RawOutputHelper
+    autoload :OutputSafetyHelper
     autoload :RecordTagHelper
     autoload :SanitizeHelper
     autoload :ScriptaculousHelper
@@ -48,7 +48,7 @@ module Helpers #:nodoc:
     include JavaScriptHelper
     include NumberHelper
     include PrototypeHelper
-    include RawOutputHelper
+    include OutputSafetyHelper
     include RecordTagHelper
     include SanitizeHelper
     include ScriptaculousHelper

actionpack/lib/action_view/helpers/raw_output_helper.rb → actionpack/lib/action_view/helpers/output_safety_helper.rb

+require 'active_support/core_ext/string/output_safety'
+
 module ActionView #:nodoc:
   # = Action View Raw Output Helper
   module Helpers #:nodoc:
-    module RawOutputHelper
+    module OutputSafetyHelper
       # This method outputs without escaping a string. Since escaping tags is
       # now default, this can be used when you don't want Rails to automatically
       # escape tags. This is not recommended if the data is coming from the user's
@@ -13,6 +15,24 @@ module RawOutputHelper
       def raw(stringish)
         stringish.to_s.html_safe
       end
+
+      # This method returns a html safe string similar to what <tt>Array#join</tt>
+      # would return. All items in the array, including the supplied separator, are
+      # html escaped unless they are html safe, and the returned string is marked
+      # as html safe.
+      #
+      #   safe_join(["<p>foo</p>".html_safe, "<p>bar</p>"], "<br />")
+      #   # => "<p>foo</p>&lt;br /&gt;&lt;p&gt;bar&lt;/p&gt;"
+      #
+      #   safe_join(["<p>foo</p>".html_safe, "<p>bar</p>".html_safe], "<br />".html_safe)
+      #   # => "<p>foo</p><br /><p>bar</p>"
+      #
+      def safe_join(array, sep=$,)
+        sep ||= "".html_safe
+        sep = ERB::Util.html_escape(sep)
+
+        array.map { |i| ERB::Util.html_escape(i) }.join(sep).html_safe
+      end
     end
   end
 end
\ No newline at end of file

actionpack/test/template/raw_output_helper_test.rb → actionpack/test/template/output_safety_helper_test.rb

 require 'abstract_unit'
 require 'testing_sandbox'
 
-class RawOutputHelperTest < ActionView::TestCase
-  tests ActionView::Helpers::RawOutputHelper
+class OutputSafetyHelperTest < ActionView::TestCase
+  tests ActionView::Helpers::OutputSafetyHelper
   include TestingSandbox
 
   def setup
@@ -18,4 +18,13 @@ def setup
   test "raw handles nil values correctly" do
     assert_equal "", raw(nil)
   end
+
+  test "safe_join should html_escape any items, including the separator, if they are not html_safe" do
+    joined = safe_join(["<p>foo</p>".html_safe, "<p>bar</p>"], "<br />")
+    assert_equal "<p>foo</p>&lt;br /&gt;&lt;p&gt;bar&lt;/p&gt;", joined
+
+    joined = safe_join(["<p>foo</p>".html_safe, "<p>bar</p>".html_safe], "<br />".html_safe)
+    assert_equal "<p>foo</p><br /><p>bar</p>", joined
+  end
+
 end
\ No newline at end of file

activesupport/lib/active_support/core_ext/string/output_safety.rb

@@ -122,34 +122,3 @@ def html_safe
     ActiveSupport::SafeBuffer.new(self)
   end
 end
-
-class Array
-  # If the separator and all the items in the array are html safe
-  # then an html safe string is returned using <tt>Array#join</tt>,
-  # otherwise the result of <tt>Array#join</tt> is returned without
-  # marking it as html safe.
-  #
-  #   ["Mr", "Bojangles"].join.html_safe?
-  #   # => false
-  #
-  #   ["Mr".html_safe, "Bojangles".html_safe].join.html_safe?
-  #   # => true
-  #
-  def safe_join(sep=$,)
-    sep ||= "".html_safe
-    str = join(sep)
-    (sep.html_safe? && html_safe?) ? str.html_safe : str
-  end
-
-  # Returns +true+ if all items in the array are html safe.
-  #
-  #   [""].html_safe?
-  #   # => false
-  #
-  #   ["".html_safe].html_safe?
-  #   # => true
-  #
-  def html_safe?
-    detect { |e| !e.html_safe? }.nil?
-  end
-end

activesupport/test/core_ext/string_ext_test.rb

@@ -434,50 +434,6 @@ def to_s
     assert string.html_safe?
   end
 
-  test "Joining safe elements without a separator is safe" do
-    array = 5.times.collect { "some string".html_safe }
-    assert array.safe_join.html_safe?
-  end
-
-  test "Joining safe elements with a safe separator is safe" do
-    array = 5.times.collect { "some string".html_safe }
-    assert array.safe_join("-".html_safe).html_safe?
-  end
-
-  test "Joining safe elements with an unsafe separator is unsafe" do
-    array = 5.times.collect { "some string".html_safe }
-    assert !array.safe_join("-").html_safe?
-  end
-
-  test "Joining is unsafe if any element is unsafe even with a safe separator" do
-    array = 5.times.collect { "some string".html_safe }
-    array << "some string"
-    assert !array.safe_join("-".html_safe).html_safe?
-  end
-
-  test "Joining is unsafe if any element is unsafe and no separator is given" do
-    array = 5.times.collect { "some string".html_safe }
-    array << "some string"
-    assert !array.safe_join.html_safe?
-  end
-
-  test "Joining is unsafe if any element is unsafe and the separator is unsafe" do
-    array = 5.times.collect { "some string".html_safe }
-    array << "some string"
-    assert !array.safe_join("-").html_safe?
-  end
-
-  test "Array is safe if all elements are safe" do
-    array = 5.times.collect { "some string".html_safe }
-    assert array.html_safe?
-  end
-
-  test "Array is unsafe if any element is unsafe" do
-    array = 5.times.collect { "some string".html_safe }
-    array << "some string"
-    assert !array.html_safe?
-  end
-
   test 'emits normal string yaml' do
     assert_equal 'foo'.to_yaml, 'foo'.html_safe.to_yaml(:foo => 1)
   end