aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
diff options
context:
space:
mode:
authorDavid Heinemeier Hansson <david@loudthinking.com>2006-10-09 00:34:43 +0000
committerDavid Heinemeier Hansson <david@loudthinking.com>2006-10-09 00:34:43 +0000
commit4b3e964a1a9d9b5c4a7925ccb8a0090f869fdca4 (patch)
tree9825039c9fc649ca1be5c62dbe4547f1f9dd29fa /actionpack
parent2e766b159f597f4da55a4cd57c20a9d8c34dd3e7 (diff)
downloadrails-4b3e964a1a9d9b5c4a7925ccb8a0090f869fdca4.tar.gz
rails-4b3e964a1a9d9b5c4a7925ccb8a0090f869fdca4.tar.bz2
rails-4b3e964a1a9d9b5c4a7925ccb8a0090f869fdca4.zip
Fixed escaping of backslashes in JavaScriptHelper#escape_javascript (closes #6302) [sven@c3d2.de]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5242 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack')
-rw-r--r--actionpack/CHANGELOG2
-rw-r--r--actionpack/lib/action_view/helpers/javascript_helper.rb2
-rw-r--r--actionpack/test/template/javascript_helper_test.rb1
3 files changed, 4 insertions, 1 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG
index 48596f3618..649b2aeb67 100644
--- a/actionpack/CHANGELOG
+++ b/actionpack/CHANGELOG
@@ -1,5 +1,7 @@
*SVN*
+* Fixed escaping of backslashes in JavaScriptHelper#escape_javascript #6302 [sven@c3d2.de]
+
* Fixed that some 500 rescues would cause 500's themselves because the response had not yet been generated #6329 [cmselmer]
* respond_to :html doesn't assume .rhtml. #6281 [Hampton Catlin]
diff --git a/actionpack/lib/action_view/helpers/javascript_helper.rb b/actionpack/lib/action_view/helpers/javascript_helper.rb
index 3a5aaa6412..039a2f1810 100644
--- a/actionpack/lib/action_view/helpers/javascript_helper.rb
+++ b/actionpack/lib/action_view/helpers/javascript_helper.rb
@@ -149,7 +149,7 @@ module ActionView
# Escape carrier returns and single and double quotes for JavaScript segments.
def escape_javascript(javascript)
- (javascript || '').gsub(/\r\n|\n|\r/, "\\n").gsub(/["']/) { |m| "\\#{m}" }
+ (javascript || '').gsub('\\','\0\0').gsub(/\r\n|\n|\r/, "\\n").gsub(/["']/) { |m| "\\#{m}" }
end
# Returns a JavaScript tag with the +content+ inside. Example:
diff --git a/actionpack/test/template/javascript_helper_test.rb b/actionpack/test/template/javascript_helper_test.rb
index 7cb08ec498..ea13f1ab73 100644
--- a/actionpack/test/template/javascript_helper_test.rb
+++ b/actionpack/test/template/javascript_helper_test.rb
@@ -19,6 +19,7 @@ class JavaScriptHelperTest < Test::Unit::TestCase
def test_escape_javascript
assert_equal %(This \\"thing\\" is really\\n netos\\'), escape_javascript(%(This "thing" is really\n netos'))
+ assert_equal %(backslash\\\\test), escape_javascript( %(backslash\\test) )
end
def test_link_to_function