Fix html escaping non strings (#1961)

ViewComponent · Jan 8, 2024 · aca32f3 · aca32f3
1 parent cc7c313
commit aca32f3
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 3 deletions.
diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
@@ -10,10 +10,13 @@ nav_order: 5
 
 ## main
 
+* Fix html escaping in `#call` for non-strings.
+
+    *Reegan Viljoen, Cameron Dutro*
+
 * Add `output_preamble` to match `output_postamble`, using the same safety checks.
 
-    *Kali Donovan*
-    *Michael Daross*
+    *Kali Donovan, Michael Daross*
 
 * Exclude html escaping of I18n reserved keys with `I18n::RESERVED_KEYS` rather than `I18n.reserved_keys_pattern`.
 

diff --git a/lib/view_component/base.rb b/lib/view_component/base.rb
@@ -318,7 +318,7 @@ def content_evaluated?
 
     def maybe_escape_html(text)
       return text if request && !request.format.html?
-      return text if text.nil? || text.empty?
+      return text if text.blank?
 
       if text.html_safe?
         text

diff --git a/test/sandbox/app/components/inline_integer_component.rb b/test/sandbox/app/components/inline_integer_component.rb
@@ -0,0 +1,5 @@
+class InlineIntegerComponent < ViewComponent::Base
+  def call
+    1
+  end
+end
diff --git a/test/sandbox/test/slotable_test.rb b/test/sandbox/test/slotable_test.rb
@@ -752,4 +752,10 @@ def test_slot_names_can_start_with_call
       end
     end
   end
+
+  def test_inline_html_escape_with_integer
+    assert_nothing_raised do
+      render_inline InlineIntegerComponent.new
+    end
+  end
 end