Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Quote ampersend chars in XML text. Closes #263. #265

Merged
merged 2 commits into from

2 participants

@strk

Includes testcase.

@strk

Note that the Travis failures are unrelated with this change. REF: #264

@strk

@tmcw I've pushed a new commit quoting all chars, and extending the testcase accordingly

@tmcw tmcw commented on the diff
lib/carto/tree/quoted.js
@@ -8,7 +8,11 @@ tree.Quoted.prototype = {
is: 'string',
toString: function(quotes) {
- var xmlvalue = this.value.replace(/\'/g, ''');
+ var xmlvalue = this.value.replace(/&/g, '&');
+ xmlvalue = xmlvalue.replace(/\'/g, ''');
+ xmlvalue = xmlvalue.replace(/\"/g, '"');
+ xmlvalue = xmlvalue.replace(/\</g, '&lt;');
+ xmlvalue = xmlvalue.replace(/\>/g, '&gt;');
@tmcw Owner
tmcw added a note

These should be chained:

var xmlvalue = this.value.replace(/&/g, '&amp;')
    .replace(/\"/g, '&quot;');

etc instead of creating 4 new temp strings.

@strk
strk added a note
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@tmcw tmcw merged commit 435452b into mapbox:master

1 check failed

Details default The Travis build failed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Mar 22, 2013
  1. @strk

    Quote ampersend chars in XML text. Closes #263.

    strk authored
    Includes testcase.
Commits on Mar 27, 2013
  1. @strk

    Quote all needed XML chars. See #263.

    strk authored
    Includes testcase.
This page is out of date. Refresh to see the latest.
Showing with 10 additions and 6 deletions.
  1. +5 −1 lib/carto/tree/quoted.js
  2. +5 −5 test/quoted.test.js
View
6 lib/carto/tree/quoted.js
@@ -8,7 +8,11 @@ tree.Quoted.prototype = {
is: 'string',
toString: function(quotes) {
- var xmlvalue = this.value.replace(/\'/g, '&apos;');
+ var xmlvalue = this.value.replace(/&/g, '&amp;');
+ xmlvalue = xmlvalue.replace(/\'/g, '&apos;');
+ xmlvalue = xmlvalue.replace(/\"/g, '&quot;');
+ xmlvalue = xmlvalue.replace(/\</g, '&lt;');
+ xmlvalue = xmlvalue.replace(/\>/g, '&gt;');
@tmcw Owner
tmcw added a note

These should be chained:

var xmlvalue = this.value.replace(/&/g, '&amp;')
    .replace(/\"/g, '&quot;');

etc instead of creating 4 new temp strings.

@strk
strk added a note
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
return (quotes === true) ? "'" + xmlvalue + "'" : this.value;
},
View
10 test/quoted.test.js
@@ -5,19 +5,19 @@ require('../lib/carto/tree/quoted');
describe('Quoted', function() {
describe('basic functionality', function() {
it('should be constructed', function() {
- var f = new tree.Quoted("Tom's quoted");
+ var f = new tree.Quoted("Tom's & \"<quoted>\"");
assert.ok(f);
assert.equal(f.is, 'string');
});
it('should produce normal output', function() {
- var f = new tree.Quoted("Tom's quoted");
+ var f = new tree.Quoted("Tom's & \"<quoted>\"");
assert.ok(f);
- assert.equal(f.toString(), "Tom's quoted");
+ assert.equal(f.toString(), "Tom's & \"<quoted>\"");
});
it('should produce xml-friendly output', function() {
- var f = new tree.Quoted("Tom's quoted");
+ var f = new tree.Quoted("Tom's & \"<quoted>\"");
assert.ok(f);
- assert.equal(f.toString(true), "'Tom&apos;s quoted'");
+ assert.equal(f.toString(true), "'Tom&apos;s &amp; &quot;&lt;quoted&gt;&quot;'");
});
});
});
Something went wrong with that request. Please try again.