Add warnings for invalid ERB trim modes
Currently, the ERB library will accept any value for the "trim mode". If the trim mode is any string containing
<> or an integer 0-2, the appropriate trim mode will be set. If not, no exception or warning is raised.
I had a bug in Brakeman for 1.5 years because I was passing the wrong value as the trim mode. Since the value coincidentally contained
- on my test machine, I didn't notice until yesterday.
The attached patch proposes reporting a warning if an invalid trim mode is provided. It does allow a couple invalid modes (you could provide duplicate or conflicting values, like
<>>), but I think this is still an improvement over accepting any value at all.
If there is interest, I could spend some time to make it even more strict.
I set the
5, which is right if a user is calling
ERB.new (most common case?). I don't know if that is the correct approach.
In the future, perhaps this should be an exception instead of a warning.