Skip to content
Browse files

Fixing parameters from leaking into the script tag when calling JsHel…

…per::submit(). Added test cases and refactored JsHelper::link(). Fixes #613
  • Loading branch information...
1 parent c404ae5 commit bc6b8e5dfdc8a4272f819a722d39c8319cf56871 @markstory markstory committed
Showing with 40 additions and 5 deletions.
  1. +3 −5 cake/libs/view/helpers/js.php
  2. +37 −0 cake/tests/cases/libs/view/helpers/js.test.php
View
8 cake/libs/view/helpers/js.php
@@ -319,10 +319,7 @@ function link($title, $url = null, $options = array()) {
$event = $this->event('click', $requestString, $options);
}
if (isset($options['buffer']) && $options['buffer'] == false) {
- $opts = array();
- if (isset($options['safe'])) {
- $opts['safe'] = $options['safe'];
- }
+ $opts = array_intersect_key(array('safe' => null), $options);
$out .= $this->Html->scriptBlock($event, $opts);
}
return $out;
@@ -397,7 +394,8 @@ function submit($caption = null, $options = array()) {
$event = $this->event('click', $requestString, $options);
}
if (isset($options['buffer']) && $options['buffer'] == false) {
- $out .= $this->Html->scriptBlock($event, $options);
+ $opts = array_intersect_key(array('safe' => null), $options);
+ $out .= $this->Html->scriptBlock($event, $opts);
}
return $out;
}
View
37 cake/tests/cases/libs/view/helpers/js.test.php
@@ -457,6 +457,43 @@ function testSubmitWithMock() {
}
/**
+ * test that no buffer works with submit() and that parameters are leaking into the script tag.
+ *
+ * @return void
+ */
+ function testSubmitWithNoBuffer() {
+ $this->_useMock();
+ $options = array('update' => '#content', 'id' => 'test-submit', 'buffer' => false, 'safe' => false);
+ $this->Js->TestJsEngine->setReturnValue('dispatchMethod', 'serialize-code', array('serializeform', '*'));
+ $this->Js->TestJsEngine->setReturnValue('dispatchMethod', 'serialize-code', array('serializeForm', '*'));
+ $this->Js->TestJsEngine->setReturnValue('dispatchMethod', 'ajax-code', array('request', '*'));
+ $this->Js->TestJsEngine->setReturnValue('dispatchMethod', 'event-handler', array('event', '*'));
+
+ $this->Js->TestJsEngine->expectAt(0, 'dispatchMethod', array('get', '*'));
+ $this->Js->TestJsEngine->expectAt(1, 'dispatchMethod', array(new PatternExpectation('/serializeForm/i'), '*'));
+ $this->Js->TestJsEngine->expectAt(2, 'dispatchMethod', array('request', '*'));
+
+ $params = array(
+ 'update' => $options['update'], 'buffer' => false, 'safe' => false, 'data' => 'serialize-code',
+ 'method' => 'post', 'dataExpression' => true
+ );
+ $this->Js->TestJsEngine->expectAt(3, 'dispatchMethod', array(
+ 'event', array('click', "ajax-code", $params)
+ ));
+
+ $result = $this->Js->submit('Save', $options);
+ $expected = array(
+ 'div' => array('class' => 'submit'),
+ 'input' => array('type' => 'submit', 'id' => $options['id'], 'value' => 'Save'),
+ '/div',
+ 'script' => array('type' => 'text/javascript'),
+ 'event-handler',
+ '/script'
+ );
+ $this->assertTags($result, $expected);
+ }
+
+/**
* Test that Object::Object() is not breaking json output in JsHelper
*
* @return void

0 comments on commit bc6b8e5

Please sign in to comment.
Something went wrong with that request. Please try again.