Make escape_javascript happy to handle SafeBuffers

* see GH#1553
* allow for the fact that gsub on SafeBuffer does not pass match variables $1, $2 etc to a block

2 files changed, 8 insertions, 1 deletions

diff --git a/actionpack/lib/action_view/helpers/javascript_helper.rb b/actionpack/lib/action_view/helpers/javascript_helper.rb
index d7228bab67..8a6f2e84be 100644
--- a/actionpack/lib/action_view/helpers/javascript_helper.rb
+++ b/actionpack/lib/action_view/helpers/javascript_helper.rb
@@ -18,7 +18,7 @@ module ActionView
       #   $('some_element').replaceWith('<%=j render 'some/element_template' %>');
       def escape_javascript(javascript)
         if javascript
-          javascript.gsub(/(\\|<\/|\r\n|[\n\r"'])/) { JS_ESCAPE_MAP[$1] }
+          javascript.gsub(/(\\|<\/|\r\n|[\n\r"'])/) {|match| JS_ESCAPE_MAP[match] }
         else
           ''
         end
diff --git a/actionpack/test/template/javascript_helper_test.rb b/actionpack/test/template/javascript_helper_test.rb
index 538e0e9874..15bd6b4c47 100644
--- a/actionpack/test/template/javascript_helper_test.rb
+++ b/actionpack/test/template/javascript_helper_test.rb
@@ -30,6 +30,13 @@ class JavaScriptHelperTest < ActionView::TestCase
     assert_equal %(dont <\\/close> tags), j(%(dont </close> tags))
   end
 
+  def test_escape_javascript_with_safebuffer
+    given = %('quoted' "double-quoted" new-line:\n </closed>)
+    expect = %(\\'quoted\\' \\"double-quoted\\" new-line:\\n <\\/closed>)
+    assert_equal expect, escape_javascript(given)
+    assert_equal expect, escape_javascript(ActiveSupport::SafeBuffer.new(given))
+  end
+
   def test_button_to_function
     assert_dom_equal %(<input type="button" onclick="alert('Hello world!');" value="Greeting" />),
       button_to_function("Greeting", "alert('Hello world!')")