diff options
| author | David Heinemeier Hansson <david@loudthinking.com> | 2006-10-09 00:34:43 +0000 |
|---|---|---|
| committer | David Heinemeier Hansson <david@loudthinking.com> | 2006-10-09 00:34:43 +0000 |
| commit | 4b3e964a1a9d9b5c4a7925ccb8a0090f869fdca4 (patch) | |
| tree | 9825039c9fc649ca1be5c62dbe4547f1f9dd29fa /actionpack | |
| parent | 2e766b159f597f4da55a4cd57c20a9d8c34dd3e7 (diff) | |
| download | rails-4b3e964a1a9d9b5c4a7925ccb8a0090f869fdca4.tar.gz rails-4b3e964a1a9d9b5c4a7925ccb8a0090f869fdca4.tar.bz2 rails-4b3e964a1a9d9b5c4a7925ccb8a0090f869fdca4.zip | |
Fixed escaping of backslashes in JavaScriptHelper#escape_javascript (closes #6302) [sven@c3d2.de]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5242 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/CHANGELOG | 2 | ||||
| -rw-r--r-- | actionpack/lib/action_view/helpers/javascript_helper.rb | 2 | ||||
| -rw-r--r-- | actionpack/test/template/javascript_helper_test.rb | 1 |
3 files changed, 4 insertions, 1 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index 48596f3618..649b2aeb67 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,7 @@ *SVN* +* Fixed escaping of backslashes in JavaScriptHelper#escape_javascript #6302 [sven@c3d2.de] + * Fixed that some 500 rescues would cause 500's themselves because the response had not yet been generated #6329 [cmselmer] * respond_to :html doesn't assume .rhtml. #6281 [Hampton Catlin] diff --git a/actionpack/lib/action_view/helpers/javascript_helper.rb b/actionpack/lib/action_view/helpers/javascript_helper.rb index 3a5aaa6412..039a2f1810 100644 --- a/actionpack/lib/action_view/helpers/javascript_helper.rb +++ b/actionpack/lib/action_view/helpers/javascript_helper.rb @@ -149,7 +149,7 @@ module ActionView # Escape carrier returns and single and double quotes for JavaScript segments. def escape_javascript(javascript) - (javascript || '').gsub(/\r\n|\n|\r/, "\\n").gsub(/["']/) { |m| "\\#{m}" } + (javascript || '').gsub('\\','\0\0').gsub(/\r\n|\n|\r/, "\\n").gsub(/["']/) { |m| "\\#{m}" } end # Returns a JavaScript tag with the +content+ inside. Example: diff --git a/actionpack/test/template/javascript_helper_test.rb b/actionpack/test/template/javascript_helper_test.rb index 7cb08ec498..ea13f1ab73 100644 --- a/actionpack/test/template/javascript_helper_test.rb +++ b/actionpack/test/template/javascript_helper_test.rb @@ -19,6 +19,7 @@ class JavaScriptHelperTest < Test::Unit::TestCase def test_escape_javascript assert_equal %(This \\"thing\\" is really\\n netos\\'), escape_javascript(%(This "thing" is really\n netos')) + assert_equal %(backslash\\\\test), escape_javascript( %(backslash\\test) ) end def test_link_to_function |