Merge branch 'fix-json-encoding'

This is the compination of #10057 and 10534.

Closes #10320

3 files changed, 18 insertions, 5 deletions

diff --git a/activesupport/CHANGELOG.md b/activesupport/CHANGELOG.md
index 2e04b17e78..7c666a9b83 100644
--- a/activesupport/CHANGELOG.md
+++ b/activesupport/CHANGELOG.md
@@ -1,3 +1,9 @@
+*   Added escaping of U+2028 and U+2029 inside the json encoder.
+    These characters are legal in JSON but break the Javascript interpreter.
+    After escaping them, the JSON is still legal and can be parsed by Javascript.
+
+    *Mario Caropreso + Viktor Kelemen + zackham*
+
 *   Fix skipping object callbacks using metadata fetched via callback chain
     inspection methods (`_*_callbacks`)
 
diff --git a/activesupport/lib/active_support/json/encoding.rb b/activesupport/lib/active_support/json/encoding.rb
index 9bf1ea35b3..7f8b41d218 100644
--- a/activesupport/lib/active_support/json/encoding.rb
+++ b/activesupport/lib/active_support/json/encoding.rb
@@ -1,3 +1,5 @@
+#encoding: us-ascii
+
 require 'active_support/core_ext/object/to_json'
 require 'active_support/core_ext/module/delegation'
 require 'active_support/json/variable'
@@ -98,13 +100,18 @@ module ActiveSupport
         "\010" =>  '\b',
         "\f"   =>  '\f',
         "\n"   =>  '\n',
+        "\xe2\x80\xa8" => '\u2028',
+        "\xe2\x80\xa9" => '\u2029',
         "\r"   =>  '\r',
         "\t"   =>  '\t',
         '"'    =>  '\"',
         '\\'   =>  '\\\\',
         '>'    =>  '\u003E',
         '<'    =>  '\u003C',
-        '&'    =>  '\u0026' }
+        '&'    =>  '\u0026',
+        "#{0xe2.chr}#{0x80.chr}#{0xa8.chr}" => '\u2028',
+        "#{0xe2.chr}#{0x80.chr}#{0xa9.chr}" => '\u2029',
+        }
 
       class << self
         # If true, use ISO 8601 format for dates and times. Otherwise, fall back
@@ -121,9 +128,9 @@ module ActiveSupport
         def escape_html_entities_in_json=(value)
           self.escape_regex = \
             if @escape_html_entities_in_json = value
-              /[\x00-\x1F"\\><&]/
+              /\xe2\x80\xa8|\xe2\x80\xa9|[\x00-\x1F"\\><&]/
             else
-              /[\x00-\x1F"\\]/
+              /\xe2\x80\xa8|\xe2\x80\xa9|[\x00-\x1F"\\]/
             end
         end
 
diff --git a/activesupport/test/json/encoding_test.rb b/activesupport/test/json/encoding_test.rb
index 8686dcf929..106a7fb522 100644
--- a/activesupport/test/json/encoding_test.rb
+++ b/activesupport/test/json/encoding_test.rb
@@ -45,8 +45,8 @@ class TestJSONEncoding < ActiveSupport::TestCase
   StringTests   = [[ 'this is the <string>',     %("this is the \\u003Cstring\\u003E")],
                    [ 'a "string" with quotes & an ampersand', %("a \\"string\\" with quotes \\u0026 an ampersand") ],
                    [ 'http://test.host/posts/1', %("http://test.host/posts/1")],
-                   [ "Control characters: \x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f",
-                     %("Control characters: \\u0000\\u0001\\u0002\\u0003\\u0004\\u0005\\u0006\\u0007\\b\\t\\n\\u000B\\f\\r\\u000E\\u000F\\u0010\\u0011\\u0012\\u0013\\u0014\\u0015\\u0016\\u0017\\u0018\\u0019\\u001A\\u001B\\u001C\\u001D\\u001E\\u001F") ]]
+                   [ "Control characters: \x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\342\200\250\342\200\251",
+                     %("Control characters: \\u0000\\u0001\\u0002\\u0003\\u0004\\u0005\\u0006\\u0007\\b\\t\\n\\u000B\\f\\r\\u000E\\u000F\\u0010\\u0011\\u0012\\u0013\\u0014\\u0015\\u0016\\u0017\\u0018\\u0019\\u001A\\u001B\\u001C\\u001D\\u001E\\u001F\\u2028\\u2029") ]]
 
   ArrayTests    = [[ ['a', 'b', 'c'],          %([\"a\",\"b\",\"c\"])          ],
                    [ [1, 'a', :b, nil, false], %([1,\"a\",\"b\",null,false]) ]]