Do not always mark the default translation as html safe

If the `_html` suffis isn't provided we should not mark the default translation as html safe and escape it.
2024-02-27 01:34:54 +00:00 · 2024-02-27 01:34:54 +00:00 · d216d1ede7
commit d216d1ede7
parent c402ec7872
3 changed files with 28 additions and 10 deletions
--- a/actionpack/lib/abstract_controller/translation.rb
+++ b/actionpack/lib/abstract_controller/translation.rb
@ -23,10 +23,12 @@ def translate(key, **options)
        key = "#{path}.#{action_name}#{key}"
      end

-      if options[:default]
-        options[:default] = [options[:default]] unless options[:default].is_a?(Array)
-        options[:default] = options[:default].map do |value|
-          value.is_a?(String) ? ERB::Util.html_escape(value) : value
+      if ActiveSupport::HtmlSafeTranslation.html_safe_translation_key?(key)
+        if options[:default]
+          options[:default] = [options[:default]] unless options[:default].is_a?(Array)
+          options[:default] = options[:default].map do |value|
+            value.is_a?(String) ? ERB::Util.html_escape(value) : value
+          end
        end
      end

--- a/actionpack/test/abstract/translation_test.rb
+++ b/actionpack/test/abstract/translation_test.rb
@ -83,17 +83,33 @@ def test_default_translation
        end
      end

-      def test_default_translation_as_safe_html
+      def test_default_translation_as_unsafe_html
        @controller.stub :action_name, :index do
          translation = @controller.t(".twoz", default: ["<tag>"])
+          assert_equal "<tag>", translation
+          assert_equal false, translation.html_safe?
+        end
+      end
+
+      def test_default_translation_as_safe_html
+        @controller.stub :action_name, :index do
+          translation = @controller.t(".twoz_html", default: ["<tag>"])
          assert_equal "&lt;tag&gt;", translation
          assert_equal true, translation.html_safe?
        end
      end

-      def test_default_translation_with_raise_as_safe_html
+      def test_default_translation_with_raise_as_unsafe_html
        @controller.stub :action_name, :index do
          translation = @controller.t(".twoz", raise: true, default: ["<tag>"])
+          assert_equal "<tag>", translation
+          assert_equal false, translation.html_safe?
+        end
+      end
+
+      def test_default_translation_with_raise_as_safe_html
+        @controller.stub :action_name, :index do
+          translation = @controller.t(".twoz_html", raise: true, default: ["<tag>"])
          assert_equal "&lt;tag&gt;", translation
          assert_equal true, translation.html_safe?
        end
--- a/activesupport/lib/active_support/html_safe_translation.rb
+++ b/activesupport/lib/active_support/html_safe_translation.rb
@ -24,11 +24,11 @@ def translate(key, **options)
      end
    end

-    private
-      def html_safe_translation_key?(key)
-        /(?:_|\b)html\z/.match?(key)
-      end
+    def html_safe_translation_key?(key)
+      /(?:_|\b)html\z/.match?(key)
+    end

+    private
      def html_escape_translation_options(options)
        options.each do |name, value|
          unless i18n_option?(name) || (name == :count && value.is_a?(Numeric))