aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_view/helpers/javascript_helper.rb
diff options
context:
space:
mode:
authorDavid Heinemeier Hansson <david@loudthinking.com>2007-09-22 18:31:44 +0000
committerDavid Heinemeier Hansson <david@loudthinking.com>2007-09-22 18:31:44 +0000
commitda5d8fa6ad1b3ba6fcaaf81acbfff17b177f9964 (patch)
treec3c568730768c6fba130ecbe7544eed1d2f50fc1 /actionpack/lib/action_view/helpers/javascript_helper.rb
parent9809dc4540e17d98c10f90a6ef4131cd712fb8b2 (diff)
downloadrails-da5d8fa6ad1b3ba6fcaaf81acbfff17b177f9964.tar.gz
rails-da5d8fa6ad1b3ba6fcaaf81acbfff17b177f9964.tar.bz2
rails-da5d8fa6ad1b3ba6fcaaf81acbfff17b177f9964.zip
Fixed JavaScriptHelper#escape_javascript to also escape closing tags (closes #8023) [rubyruy]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7567 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack/lib/action_view/helpers/javascript_helper.rb')
-rw-r--r--actionpack/lib/action_view/helpers/javascript_helper.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_view/helpers/javascript_helper.rb b/actionpack/lib/action_view/helpers/javascript_helper.rb
index 45a5791efe..8e7542e206 100644
--- a/actionpack/lib/action_view/helpers/javascript_helper.rb
+++ b/actionpack/lib/action_view/helpers/javascript_helper.rb
@@ -149,7 +149,7 @@ module ActionView
# Escape carrier returns and single and double quotes for JavaScript segments.
def escape_javascript(javascript)
- (javascript || '').gsub('\\','\0\0').gsub(/\r\n|\n|\r/, "\\n").gsub(/["']/) { |m| "\\#{m}" }
+ (javascript || '').gsub('\\','\0\0').gsub('</','<\/').gsub(/\r\n|\n|\r/, "\\n").gsub(/["']/) { |m| "\\#{m}" }
end
# Returns a JavaScript tag with the +content+ inside. Example:
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 08:23:13 +0000