authorDavid Heinemeier Hansson <david@loudthinking.com>2005-03-26 14:03:55 +0000
committerDavid Heinemeier Hansson <david@loudthinking.com>2005-03-26 14:03:55 +0000
commit3fe9d8ac359cc38698b3ee7fb876308dfdf144ed (patch)
tree07e333be34a1deebff29687724e92e6aa08937f6 /actionpack
parent7a6a923f983a2d642a4efd4e962b4385987e167a (diff)
Added JavascriptHelper#escape_javascript as a public method (was private) and made it escape both single and double quotes and new lines #940 [mortonda@dgrmm.net]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@1002 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack')
-rw-r--r--actionpack/CHANGELOG2
-rw-r--r--actionpack/lib/action_view/helpers/javascript_helper.rb7
-rw-r--r--actionpack/test/template/javascript_helper.rb9
3 files changed, 15 insertions, 3 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG
index 5e3bf1d00b..ba3c4bd485 100644
--- a/actionpack/CHANGELOG
+++ b/actionpack/CHANGELOG
@@ -1,5 +1,7 @@
*SVN*
+* Added JavascriptHelper#escape_javascript as a public method (was private) and made it escape both single and double quotes and new lines #940 [mortonda@dgrmm.net]
+
* Added trailing_slash option to url_for, so you can generate urls ending in a slash. Note that is currently not recommended unless you need it for special reasons since it breaks caching #937 [stian@grytoyr.net]
* Added expire_matched_fragments(regular_expression) to clear out a lot of fragment caches at once #927 [technoweenie@gmail.com]
diff --git a/actionpack/lib/action_view/helpers/javascript_helper.rb b/actionpack/lib/action_view/helpers/javascript_helper.rb
index d5630bcdfe..5a07ebdc6e 100644
--- a/actionpack/lib/action_view/helpers/javascript_helper.rb
+++ b/actionpack/lib/action_view/helpers/javascript_helper.rb
@@ -148,11 +148,12 @@ module ActionView
build_observer('Form.Observer', form_id, options)
end
- private
+ # Escape carrier returns and single and double quotes for Javascript segments.
def escape_javascript(javascript)
- (javascript || '').gsub('"', '\"')
+ (javascript || '').gsub(/\r\n|\n|\r/, "\\n").gsub(/["']/) { |m| "\\#{m}" }
end
-
+
+ private
def options_for_ajax(options)
js_options = build_callbacks(options)
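Review bot: `escape_javascript` leaves a backslash in the input unescaped, so a value containing `\"` comes out as `\\"`, which a JavaScript string literal reads as an escaped backslash followed by a bare, string-terminating quote. Now that the helper is public and may receive user-supplied text, escape the backslash first, before the other substitutions add their own: `(javascript || '').gsub('\\') { '\\\\' }.gsub(/\r\n|\n|\r/, "\\n").gsub(/["']/) { |m| "\\#{m}" }`. The new comment should read "carriage returns" rather than "carrier returns". It would also help for the comment to say that the result is meant for use inside a quoted JavaScript string only, since `</script>` passes through unchanged and would still close an inline script block.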
diff --git a/actionpack/test/template/javascript_helper.rb b/actionpack/test/template/javascript_helper.rb
new file mode 100644
index 0000000000..39f02e90bf
--- /dev/null
+++ b/actionpack/test/template/javascript_helper.rb
@@ -0,0 +1,9 @@
+require File.dirname(__FILE__) + '/../abstract_unit'
+
+class JavascriptHelperTest < Test::Unit::TestCase
+ include ActionView::Helpers::JavascriptHelper
+
+ def test_escape_javascript
+ assert_equal %(This \\"thing\\" is really\\n netos\\'), escape_javascript(%(This "thing" is really\n netos'))
+ end
+end
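Review bot: `test_escape_javascript` pins only one input, so the `|| ''` nil fallback and the `\r\n` and `\r` alternatives of the newline pattern are never exercised. Adding `assert_equal '', escape_javascript(nil)` and `assert_equal %(a\\nb\\nc), escape_javascript(%(a\r\nb\rc))` would cover them. A case with a backslash in the input would also document how the helper treats it. The file is named `javascript_helper.rb` without a `_test` suffix; if the test task selects files by a `*_test.rb` pattern (not visible here), this test would not run.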