Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixing the fix for issue #57

The previous fix would mess up some escaping in different
circumstances. This commit should get rid of the problems by
adding smarter escaping.
  • Loading branch information...
commit 9433433f3f72504feb1bd8266f04d842e91c71ea 1 parent 9018214
Fred Hebert ferd authored
9 src/socketio_transport_polling.erl
View
@@ -297,7 +297,7 @@ send_message(Message, Req, Index, ServerModule, Sup) ->
send_message_1(Headers, Message, Req, Index, ServerModule) ->
Headers0 = [{"Content-Type", "text/javascript; charset=UTF-8"}|Headers],
Message0 = unicode:characters_to_list(jsx:format(jsx:term_to_json(list_to_binary(Message), [{strict, false}]))),
- Message1 = "io.JSONP["++Index++"]._(" ++ Message0 ++ ");",
+ Message1 = "io.JSONP["++Index++"]._(\"" ++ escape(tl(Message0)) ++ ");",
apply(ServerModule, respond, [Req, 200, Headers0, Message1]).
cors_headers(Headers, Sup) ->
@@ -325,3 +325,10 @@ reset_duration({TimerRef, Time}) ->
erlang:cancel_timer(TimerRef),
NewRef = erlang:start_timer(Time, self(), polling),
{NewRef, Time}.
+
+%% THis should deal with only one level of depth -- the rest is assumed to
+%% have been escaped correctly by jsx.
+escape([$"]) -> [$"];
+escape([$"|Rest]) -> [$\\, $" | escape(Rest)];
+escape([$\\|Rest]) -> [$\\,$\\ | escape(Rest)];
+escape([CodePoint|Rest]) -> [CodePoint | escape(Rest)].
2  test/socketio_transport_tests.erl
View
@@ -47,7 +47,7 @@ transport_tests(Browser, Transport) ->
ets:insert(socketio_tests, {transport, Transport}),
error_logger:delete_report_handler(error_logger_tty_h), %% suppress annoying kernel logger
application:start(misultin),
- application:start(socketio),
+ application:start(socketio),
{ok, Pid} = socketio_listener:start([{http_port, 8989},
{default_http_handler, ?MODULE}]),
EventMgr = socketio_listener:event_manager(Pid),
Please sign in to comment.
Something went wrong with that request. Please try again.