Fix html escaping non strings (#1961)

camertron · web-flow · commit aca32f36c6bb · 2024-01-08T13:17:55.000-08:00
diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
@@ -10,10 +10,13 @@ nav_order: 5
 
 ## main
 
+* Fix html escaping in `#call` for non-strings.
+
+    *Reegan Viljoen, Cameron Dutro*
+
 * Add `output_preamble` to match `output_postamble`, using the same safety checks.
 
-    *Kali Donovan*
-    *Michael Daross*
+    *Kali Donovan, Michael Daross*
 
 * Exclude html escaping of I18n reserved keys with `I18n::RESERVED_KEYS` rather than `I18n.reserved_keys_pattern`.
 
diff --git a/lib/view_component/base.rb b/lib/view_component/base.rb
@@ -318,7 +318,7 @@ def content_evaluated?
 
     def maybe_escape_html(text)
       return text if request && !request.format.html?
-      return text if text.nil? || text.empty?
+      return text if text.blank?
 
       if text.html_safe?
         text
diff --git a/test/sandbox/app/components/inline_integer_component.rb b/test/sandbox/app/components/inline_integer_component.rb
@@ -0,0 +1,5 @@
+class InlineIntegerComponent < ViewComponent::Base
+  def call
+    1
+  end
+end
diff --git a/test/sandbox/test/slotable_test.rb b/test/sandbox/test/slotable_test.rb
@@ -752,4 +752,10 @@ def test_slot_names_can_start_with_call
       end
     end
   end
+
+  def test_inline_html_escape_with_integer
+    assert_nothing_raised do
+      render_inline InlineIntegerComponent.new
+    end
+  end
 end

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +class InlineIntegerComponent < ViewComponent::Base
 +  def call
 +    1
 +  end
 +end