Bug: Remote javascript with " is not executed #89
Comments
|
Btw, the following workaround works for me (at least I have not found any issues with it yet, though it may cause problems): But it works only in my particular case and that is not a universal solution. |
|
I went deeper into this and it seems like the actual hacky fix is gsub, but not replacement of |
|
I came across similar thing. But I think this is not related to rails or remotipart but to the jquery.iframe-transport. As you mentioned:
So what happens is that reponse arrives to the browser with html entity (like This is my example response from server that causes the error: |
|
@asok @JangoSteve I think another way out is to escape html entities differently in remotipart's lib/remotipart/render_overrides.rb, but I'm not sure if it's possible. I mean escape as this is exactly what I do with the above mentioned piece of code: |
|
my only solution is to close <textarea> and open an other. It's works but it's not very sexy XD </textarea>
<script>
alert('it work');
</script>
<textarea>but Jquery is not recognized... |
|
Is there a test someone could write for this by any chance? The tests for remotipart are located here. |
|
This is definitely a problem today, workaround mentioned by dhampik works. |
|
Ugly workaround, but I appreciate it. Thank you gentlemen. |
|
I have a similar issue when uploading a file. Apostrophes in my javascript are encoded as html entities, but the JS doesn't execute when embedded in the texteara. Via a normal form save, the javascript executes fine though. // the text of the option when rendered should be test'string
$element.html('<option value=\"912\">test'string<\/option>'); |
|
If the javascript contains or (newline characters) is also fails to execute the JS properly. Does anybody have a more reliable solution to dealing with all of these html entities that cause problems? |
|
This seems to work at the moment... template_html = render('template')
template_html = template_html.gsub(''',"'").gsub('&','&') if remotipart_submitted?
escaped_html = j(template_html) |
|
Still no fix for this? Can't make it work with HAML. |
|
Hi @JangoSteve, |
|
Just to chime in, I'm having trouble with this bug as well. Jquery-rails 2.3.0 and the latest Remotipart. I've read thread after thread about this error, and all I've found are messy workarounds. |
|
Got the same issue. When I change "can't" to "can not" (string without apostrophe) in |
|
<% if remotipart_submitted? %> that worked for me ! Thank you! |
|
I like panSarin solution, thank you! less code than gsub, not sure about perfomance though. I really hope this nasty glitch will be fixed in future version of remotipart. |
|
@JangoSteve you haven't participated to this conversation since 2013, are you still participating to remotipart? Thanks in advance |
|
@randoum You're right, life seems to be getting in the way. Is there a pull request anyone has submitted for this that I could look at and merge in? |
|
@JangoSteve Nop there's no pull request, I was about to submit one, then I decided to go another direction. |
|
That would be awesome, if anyone wants to volunteer. |
|
*I should mention, I do have someone else who's helping maintain the project, though I think they got a bit busy themselves. Looks like @esbanarango is back in action 😄 |
|
@randoum Could you go ahead and make that PR? I'll check as soon as possible. |
|
Sorry @esbanarango I already migrated my code to use another solution, so I don't have an experimentation zone anymore |
$('.form-wrapper').html("<%= j "#{render('form')}" %>");This solution worked well for me. |
|
+1 for string interpolation: |
|
Thanks guys, this workes
|
|
My initial solution was the following <% if remotipart_submitted? %>
$(".form-wrapper").html("<%= j "#{render 'form' %>");
<% else %>
$(".form-wrapper").html("<%= j render 'form' %>");
<% end %>Which led me to the creation of the following monkey patch: # config/initializers/remotipart_escape_javascript_patch.rb
if defined?(Remotipart)
module Remotipart
module EscapeJavascriptFix
def escape_javascript(javascript)
if remotipart_submitted?
super("#{javascript}")
else
super
end
end
alias_method :j, :escape_javascript
end
end
ActiveSupport.on_load :action_view do
ActionView::Base.send(:include, Remotipart::EscapeJavascriptFix)
end
endNow you can simply do: $(".form-wrapper").html("<%= j render 'form' %>");I would be happy to make a PR for this. Also if help is needed for maintaining this plugin I am interested. |
|
For anyone else using |
I'm using remotipart gem in conjuction with nested_form gem.
And javascript response from the server (which is inside form.js.erb) is not executed.
I studied how remotipart works and did a lot of debugging and found out the root of evil.
Unfortunately I don't know how to fix it.
So, here is the case:
The above javascript response from the server will not be executed on the client! Because there is
"symbol!And this is exactly what happens if you are using remotipart+nested_form. Nested form gem produces a piece of html with data-attribute on hidden div which contains the template for newly created items which added with javascript. And this template contains
"symbol.Why this is happening with remotipart?
I guess, because it wraps actual javascript in
<textarea>tag and when this textarea contents are extracted by javascript the"symbols are converted into "The text was updated successfully, but these errors were encountered: