Permalink
Browse files

Removing use of eval. Fixes Issue #19

A more robust fix needs to be coordinated in mozilla/browserid
as well as Issue #15.
  • Loading branch information...
1 parent 51bdb2a commit 648dec4e203fbe93ea99cb7718b5106be9a30c82 @ozten ozten committed Feb 6, 2013
Showing with 27 additions and 21 deletions.
  1. +27 −21 lib/i18n.js
View
@@ -23,6 +23,10 @@ var fs = require('fs'),
const DAVID_B_LABYRN = 'db-LB';
const BIDI_RTL_LANGS = ['ar', DAVID_B_LABYRN, 'fa', 'he'];
+// Number of characters before and after valid JSON in messages.json files
+const JS_PRE_LEN = 24;
+const JS_POST_LEN = 3;
+
var translations = {};
var logger;
@@ -61,35 +65,34 @@ exports.abide = function(options) {
path.join(__dirname, '..', '..', '..'),
options.translation_directory,
path.join(locale, 'messages.json'));
- }, /* TODO This would be a good check if we're using client side gettext
- json_file_path = function(locale) {
- return path.resolve(
- path.join(__dirname, '..', '..', '..'),
- path.join(options.i18n_json_dir, locale, 'messages.json'));
- }, */
+ },
debug_locale = localeFrom(options.debug_lang);
options.supported_languages.forEach(function(lang, i) {
var l = localeFrom(lang);
+ // populate the in-memory translation cache with client.json, which contains
+ // strings relevant on the server
try {
- // populate the in-memory translation cache with client.json, which contains
- // strings relevant on the server
-
- // XXX: these files should be json. not javascript.
- /*jshint evil:true*/
- var json_locale_data; // for jshint
+ // TODO: Have po2json write json files, not .js files
+ // also https://github.com/mozilla/i18n-abide/issues/15
+ var rawMessages = fs.readFileSync(json_file_path(l)).toString();
+ if (rawMessages.length < JS_PRE_LEN + JS_POST_LEN + 1) {
+ throw new Error('Bad Locale messages.json ' + l);
+ }
+ // Chop JSON out of the middle of a JavaScript formatted file
+ var json_locale_data = JSON.parse(
+ rawMessages.slice(JS_PRE_LEN, rawMessages.length - JS_POST_LEN));
- // Yikes (copying from BrowserID codebase, not my gitblame)
- eval(fs.readFileSync(json_file_path(l)).toString());
translations[l] = json_locale_data.messages;
} catch (e) {
- // an exception here means that there was a problem with the translation files for
- // this locale!
+ // an exception here means that there was a problem with the translation
+ // files for this locale!
if (options.default_lang === lang || options.debug_lang === lang) return;
- var msg = util.format('Bad locale=[%s] missing .json files in [%s]. See locale/README (%s)',
- l, json_file_path(l), e);
+ var msg = util.format(
+ 'Bad locale=[%s] missing .json files in [%s]. See locale/README (%s)',
+ l, json_file_path(l), e);
if (!options.disable_locale_check) {
logger.warn(msg);
} else {
@@ -110,7 +113,8 @@ exports.abide = function(options) {
gt;
if (lang && lang.toLowerCase && lang.toLowerCase() === debug_lang) {
- lang = DAVID_B_LABYRN; // What? http://www.youtube.com/watch?v=rJLnGjhPT1Q
+ // What? http://www.youtube.com/watch?v=rJLnGjhPT1Q
+ lang = DAVID_B_LABYRN;
}
// Express 2 support
if (!! resp.local) {
@@ -240,7 +244,8 @@ exports.localeFrom = localeFrom = function(language) {
// sr-Cyrl-RS should be sr_RS
return util.format('%s_%s', parts[0].toLowerCase(), parts[2].toUpperCase());
} else {
- logger.error(util.format("Unable to map a local from language code [%s]", language));
+ logger.error(
+ util.format("Unable to map a local from language code [%s]", language));
return language;
}
};
@@ -261,7 +266,8 @@ exports.languageFrom = function(locale) {
// sr_RS should be sr-RS
return util.format('%s-%s', parts[0].toLowerCase(), parts[2].toUpperCase());
} else {
- logger.error(util.format("Unable to map a language from locale code [%s]", locale));
+ logger.error(
+ util.format("Unable to map a language from locale code [%s]", locale));
return locale;
}
};

0 comments on commit 648dec4

Please sign in to comment.