Security News
Follow-up and Clarification on Recent Malicious Ruby Gems Campaign
A clarification on our recent research investigating 60 malicious Ruby gems.
By Sarah Gooding - Aug 22, 2025
nested_layouts
h1. NestedLayouts
This is a gem version for "radar/nested-layouts":http://github.com/radar/nested-layouts plugin.
Plugin allows to specify outer layouts for particular layout thus creating nested layouts.
h2. Usage
You can be installed as a gem from "Gemcutter":http://gemcutter.org. Add the following line to your @config/environment.rb@:
config.gem "nested_layouts", :source => "http://gemcutter.org"
h2. Wrapping layout into another layout
Let's assume you have controller which action 'hello' just was called. Controller was set up to use 'inner' layout:
app/controllers/hello_controller.rb
class HelloController < ApplicationController
layout 'inner'
def hello
render :text => 'Hello, world!'
end
end
app/views/layouts/inner.rhtml
<% inside_layout 'outer' do -%>
Greetings
<%= yield %>
<% end -%>
app/views/layouts/outer.rhtml
<%= yield %>
Result will look like this (formatted for better reading):
Greetings
Hello, world!
h2. Concept
Concept of layout nesting here is based on the assumption that every inner layout is used only to customize it's outer layout and thus every inner layout is used only with one specific outer layout. With this in mind we can conclude that every layout must know it's outer layout and thus information about outer layout must be embeded directly into inner layout. Controller doesn't need to know about the whole stack of layouts, so you should just specify the most inner layout in it.
h2. Passing data
You can pass data from inner layout to outer one, e.g.:
layouts/inner.rhtml
<% content_for 'menu' do -%>
<% end -%>
<% inside_layout 'outer' do -%>
<% @other_data_for_outer_layout = 'foo' -%>
<%= yield %>
<% end -%>
layouts/outer.rhtml
<%= yield 'menu' %>
The data was: <%= @other_data_for_outer_layout %>
<%= yield %>
h2. Inline layouts
Instead of using layout stored in file system, you can use +inside_inline_layout+ to wrap template part into some template code passed as a string. It is usefull if you want to use layouts that are stored in DB:
Layout model
class Layout < ActiveRecord::Base
# Has attributes 'name' and 'contents'
end
Helper
module ApplicationHelper
def inside_db_layout(name, &block)
layout = Layout.find_by_name(name)
template = layout ? layout.contents : '<%= yield %>'
inside_inline_layout(template, &block)
end
end
View
<% inside_db_layout 'layout_from_db1' do %>
Content
<% end %>
== Bugs & Feedback
Plugin originally by Ryan Bigg (radarlistener@gmail.com)
Home Page: "http://github.com/radar/nested-layouts":http://github.com/radar/nested-layouts
FAQs
Unknown package
We found that nested_layouts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 19 Oct 2009
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ESLint Adds Support for Parallel Linting, Closing 10-Year-Old Feature Request
ESLint now supports parallel linting with a new --concurrency flag, delivering major speed gains and closing a 10-year-old feature request.
By Sarah Gooding - Aug 22, 2025
Research
/Security News
Malicious Go Module Disguised as SSH Brute Forcer Exfiltrates Credentials via Telegram
A malicious Go module posing as an SSH brute forcer exfiltrates stolen credentials to a Telegram bot controlled by a Russian-speaking threat actor.
By Kirill Boychenko - Aug 21, 2025