|  | Commit message (Collapse) | Author | Files | Lines | 
|---|
|  | This PR adds the tests by @msrd0 <git@msrd0.de> that failed before.
The error was fixed somewhen between f23162a and now, so these tests
serve to prevent regressions in the future.
I simplified the tests very slightly to omit whitespaces in the output. | 
|  |  | 
|  | `target()` as used in parsing "let" and "if let" implements parsing
nested tuples and structs. But it does not implement parsing literals.
The functions `match_variant()` and `with_parameters()` as used in
parsing "when" blocks do not implement parsing nested structs, but it
implements parsing literals.
This PR combines `match_variant()` and `with_parameters()` into
`target()`, so that all `{%when%}` support nested structs, too. | 
|  | Askama uses the syntax `{% when Variant with (parameters) %}` in
`{% match %}` blocks. This is done because Askama does not implement the
whole pattern matching of Rust's `match` statements.
This PR wants to bring Askama a step closer Rust's matching, so the
"with" keyword should not be needed anymore. | 
|  | Askama uses the syntax `{% when Variant with (parameters) %}` in
`{% match %}` blocks.
This change allows the optional use of the keyword "with" in "let" and
"if let" statements, too. | 
|  | This PR implements the destructoring of structs on the lhs of "let" and
"for" statements. | 
|  |  | 
|  |  | 
|  |  | 
|  | The current rust_test uses `stringify!()`. The documentation gives us
the warning:
> Note that the expanded results of the input tokens may change in the
> future. You should be careful if you rely on the output.
In the current nightly rust the result was indeed changed, so the test
not fails.
This PR replaces the test with another macro, that does not depend on
`stringify!()`.
Closes issue #504. | 
|  | rust-lang/rust#82069 made error message that stem macro invocations more
verbose. Since Rust 1.54 (currently in beta) the message includes the
name of the offending macro.
This PR uses version_check to select the appropriate expected error
message. | 
|  |  | 
|  |  | 
|  |  | 
|  | This was based off of the OWASP XSS prevention cheat sheet --
https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html#output-encoding-rules-summary
However, there isn't really any attack vector based on forward slash alone, and
it's being removed in the next version of that document.
> There is no proof that escaping forward slash will improve
> defense against XSS, if all other special characters are escaped
> properly, but it forces developers to use non-standard implementation of
> the HTML escaping, what increases the risk of the mistake and makes the
> implementation harder.
https://github.com/OWASP/CheatSheetSeries/pull/516 | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  | * Fixed #397
* Updated parser to ignore whitespace between match and when
* Updated test cases
* Updated Python script to generate match ws tests
* Added match ws tests
* Resolved rustfmt lint | 
|  | * Fixed #377 | 
|  |  | 
|  | * Changed to automatically coerce to bool
* Added new test case
* Updated test case to include else if | 
|  |  | 
|  |  | 
|  | Signed-off-by: Yuxuan Shui <yshuiv7@gmail.com> | 
|  |  | 
|  |  | 
|  | This allows a more natural filter usage: `{{ val | fmt("{:?}") }}`
as well as enabling convenient filter composition:
`{{ price | to_f64 | fmt("${:.2}") | center }}` | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  | Do not attempt to parse escape sequences thoroughly. Instead let the
Rust compiler to check the string literals and provide nice error
messages if necessary. | 
|  |  | 
|  |  |