* An alternative exception is passed as option, eg.
s.constantzie_with_care(Lst,CustomException)
becomes
s.constantzie_with_care(Lst, :exception => CustomException)
* support for :ancestors option
1 = Constantize with Care
4 Copyright (c) 2008 Henryk Gerach, released under the MIT license
8 http://www.littleimpact.de/hg/constantize_with_care/
11 Constantize wit Care protects the <tt>String#constantize</tt> method against
12 'class injection' (i.e. the constantization of unintended classes) by checking
13 the to be constantized string against a whitelist of +allowed_classes+.
15 The whitelist of +allowed_classes+ may be a set (optimized performance) or
16 an array of strings, a set or an array of classes or a regular expression
17 (disrecommended since difficult).
19 If the string is not allowed to be constantized an exception is raised.
20 The +exception+ defaults to RuntimeError and can be overidden in the options.
22 The method <tt>constantize_with_care</tt> is added to the String class.
23 Instead of <tt>String#constantize</tt> the method
24 <tt>String#constantize_really_trusted_data</tt> can be used to indicate that
25 the programmer is sure that the used data is save.
28 # A Set of strings should be the fastest implementation:
29 # ConstantSetOfStringsOfAllowedClasses = Set.new ["String","Fixnum"]
30 # or possibly more convenient:
31 ConstantSetOfStringsOfAllowedClasses = Set.new [String,Fixnum].map(&:to_s)
33 "String".constantize_with_care(ConstantSetOfStringsOfAllowedClasses) #=> String
34 "Float".constantize_with_care(ConstantSetOfStringsOfAllowedClasses) #=> raises RuntimeError
37 "String".constantize_with_care([String,Fixnum]) #=> String
38 "Float".constantize_with_care([String,Fixnum], :exception => Exception) #=> raises Exception
41 # Everything that starts with S is okay:
42 "String".constantize_with_care(/^S/) #=> String
43 "Float".constantize_with_care(/^S/) #=> raises RuntimeError