From d16fbe53b202d52b5ef12526941ed50da2daf38f Mon Sep 17 00:00:00 2001 From: Andre Arko Date: Mon, 12 May 2008 23:54:21 -0700 Subject: Fix remote_function to escape apostrophes inside the remote url passed to Ajax.Update. [#180 state:resolved] Signed-off-by: Pratik Naik --- actionpack/lib/action_view/helpers/prototype_helper.rb | 2 +- actionpack/test/template/prototype_helper_test.rb | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/actionpack/lib/action_view/helpers/prototype_helper.rb b/actionpack/lib/action_view/helpers/prototype_helper.rb index 1b12aa8058..1a0e660d52 100644 --- a/actionpack/lib/action_view/helpers/prototype_helper.rb +++ b/actionpack/lib/action_view/helpers/prototype_helper.rb @@ -458,7 +458,7 @@ module ActionView url_options = options[:url] url_options = url_options.merge(:escape => false) if url_options.is_a?(Hash) - function << "'#{url_for(url_options)}'" + function << "'#{escape_javascript(url_for(url_options))}'" function << ", #{javascript_options})" function = "#{options[:before]}; #{function}" if options[:before] diff --git a/actionpack/test/template/prototype_helper_test.rb b/actionpack/test/template/prototype_helper_test.rb index a84d4e72af..9a1079b297 100644 --- a/actionpack/test/template/prototype_helper_test.rb +++ b/actionpack/test/template/prototype_helper_test.rb @@ -86,6 +86,11 @@ class PrototypeHelperTest < PrototypeHelperBaseTest link_to_remote("Remote outauthor", { :url => { :action => "whatnot" }, :html => { :class => "fine" } }) end + def test_link_to_remote_url_quote_escaping + assert_dom_equal %(Remote), + link_to_remote("Remote", { :url => { :action => "whatnot's" } }) + end + def test_periodically_call_remote assert_dom_equal %(), periodically_call_remote(:update => "schremser_bier", :url => { :action => "mehr_bier" }) -- cgit v1.2.3