diff options
| author | Aaron Patterson <aaron.patterson@gmail.com> | 2012-03-12 10:09:34 -0700 |
|---|---|---|
| committer | Aaron Patterson <aaron.patterson@gmail.com> | 2012-03-12 10:09:34 -0700 |
| commit | dea486d00ed8b9beec767324dfd15bec72d8a1ca (patch) | |
| tree | e4a851f32a9c6bae53e0d7703a14b41593eb849b | |
| parent | 2b0558585fa495e61e67f4226aa3ba2eb7771106 (diff) | |
| parent | c8168a7cdcdda114f634e8a429ba7ebac86eaf18 (diff) | |
| download | rails-dea486d00ed8b9beec767324dfd15bec72d8a1ca.tar.gz rails-dea486d00ed8b9beec767324dfd15bec72d8a1ca.tar.bz2 rails-dea486d00ed8b9beec767324dfd15bec72d8a1ca.zip | |
Merge pull request #5380 from benmmurphy/escape_unicode_paragraph_separator
ensure u2029 is escaped in escape_javascript helper
| -rw-r--r-- | actionpack/lib/action_view/helpers/javascript_helper.rb | 4 | ||||
| -rw-r--r-- | actionpack/test/template/javascript_helper_test.rb | 2 |
2 files changed, 5 insertions, 1 deletions
diff --git a/actionpack/lib/action_view/helpers/javascript_helper.rb b/actionpack/lib/action_view/helpers/javascript_helper.rb index ac9e530f01..d88f5babb9 100644 --- a/actionpack/lib/action_view/helpers/javascript_helper.rb +++ b/actionpack/lib/action_view/helpers/javascript_helper.rb @@ -14,6 +14,8 @@ module ActionView } JS_ESCAPE_MAP["\342\200\250".force_encoding('UTF-8').encode!] = '
' + JS_ESCAPE_MAP["\342\200\251".force_encoding('UTF-8').encode!] = '
' + # Escapes carriage returns and single and double quotes for JavaScript segments. # @@ -22,7 +24,7 @@ module ActionView # $('some_element').replaceWith('<%=j render 'some/element_template' %>'); def escape_javascript(javascript) if javascript - result = javascript.gsub(/(\\|<\/|\r\n|\342\200\250|[\n\r"'])/u) {|match| JS_ESCAPE_MAP[match] } + result = javascript.gsub(/(\\|<\/|\r\n|\342\200\250|\342\200\251|[\n\r"'])/u) {|match| JS_ESCAPE_MAP[match] } javascript.html_safe? ? result.html_safe : result else '' diff --git a/actionpack/test/template/javascript_helper_test.rb b/actionpack/test/template/javascript_helper_test.rb index 9441bd6b38..64898f7ad1 100644 --- a/actionpack/test/template/javascript_helper_test.rb +++ b/actionpack/test/template/javascript_helper_test.rb @@ -28,6 +28,8 @@ class JavaScriptHelperTest < ActionView::TestCase assert_equal %(backslash\\\\test), escape_javascript( %(backslash\\test) ) assert_equal %(dont <\\/close> tags), escape_javascript(%(dont </close> tags)) assert_equal %(unicode 
 newline), escape_javascript(%(unicode \342\200\250 newline).force_encoding('UTF-8').encode!) + assert_equal %(unicode 
 newline), escape_javascript(%(unicode \342\200\251 newline).force_encoding('UTF-8').encode!) + assert_equal %(dont <\\/close> tags), j(%(dont </close> tags)) end |