Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Adding `raw`, `escape` and `e` filters.

closes gh-15
closes gh-14
  • Loading branch information...
commit 606b7f41d2279bc55056dd0f426f1e8cd0e1af12 1 parent ff14c66
@paularmstrong authored
Showing with 47 additions and 1 deletion.
  1. +8 −0 docs/filters.md
  2. +14 −1 lib/helpers.js
  3. +25 −0 tests/filters.test.js
View
8 docs/filters.md
@@ -196,6 +196,10 @@ If the variable is `undefined`, `null`, or `false`, a default return value can b
1. <var>**value**</var> (_mixed_) Fallback value if the variable is falsy.
+### escape
+
+Force escape the output of the variable. Optionally use `e` as a shortcut filter name.
+
### first
Returns the first element of an array. Uses [underscore.js first](http://documentcloud.github.com/underscore/#first)
@@ -224,6 +228,10 @@ Return the `length` property of the value.
Return the variable in all lowercase letters.
+### raw
+
+Do not escape the output of the variable.
+
### replace(search, replace[, flags])
Uses built-in JavaScript replace method. Provide a regular-expression or a string and a replacement string.
View
15 lib/helpers.js
@@ -177,12 +177,25 @@ exports.wrapFilters = function (variable, filters, context, escape) {
if (filters && filters.length > 0) {
filters.forEach(function (filter) {
- output = exports.wrapFilter(output, filter);
+ switch (filter.name) {
+ case 'raw':
+ escape = false;
+ return;
+ case 'e':
+ case 'escape':
+ escape = true;
+ return;
+ default:
+ output = exports.wrapFilter(output, filter);
+ break;
+ }
});
}
if (escape) {
output = '__escape.apply(this, [' + output + '])';
+ } else {
+ output = output || '""';
}
return output;
View
25 tests/filters.test.js
@@ -91,6 +91,24 @@ exports.default = function (test) {
test.done();
};
+exports.e = function (test) {
+ swig.init({ autoEscape: false });
+ testFilter(test, 'e', { v: '<&>' }, '&lt;&amp;&gt;', 'Unescaped output');
+ testFilter(test, 'first|e', { v: ['<&>'] }, '&lt;&amp;&gt;', 'Unescaped in chain');
+ testFilter(test, 'upper|e|lower', { v: '<&>fOo' }, '&lt;&amp;&gt;foo', 'Unescaped in middle of chain');
+ swig.init({});
+ test.done();
+};
+
+exports.escape = function (test) {
+ swig.init({ autoEscape: false });
+ testFilter(test, 'escape', { v: '<&>' }, '&lt;&amp;&gt;', 'Unescaped output');
+ testFilter(test, 'first|escape', { v: ['<&>'] }, '&lt;&amp;&gt;', 'Unescaped in chain');
+ testFilter(test, 'upper|escape|lower', { v: '<&>fOo' }, '&lt;&amp;&gt;foo', 'Unescaped in middle of chain');
+ swig.init({});
+ test.done();
+};
+
exports.first = function (test) {
testFilter(test, 'first', { v: [1, 2, 3, 4] }, '1', 'first from array');
testFilter(test, 'first', { v: '213' }, '2', 'first in string');
@@ -134,6 +152,13 @@ exports.lower = function (test) {
test.done();
};
+exports.raw = function (test) {
+ testFilter(test, 'raw', { v: '<&>' }, '<&>', 'Unescaped output');
+ testFilter(test, 'first|raw', { v: ['<&>'] }, '<&>', 'Unescaped in chain');
+ testFilter(test, 'upper|raw|lower', { v: '<&>fOo' }, '<&>foo', 'Unescaped in middle of chain');
+ test.done();
+};
+
exports.replace = function (test) {
testFilter(test, 'replace("o", "", "g")', { v: 'fooboo' }, 'fb');
testFilter(test, 'replace("o", "a")', { v: 'foo' }, 'fao');

3 comments on commit 606b7f4

@tj
tj commented on 606b7f4

is escaping not the default?

@paularmstrong

It is on by default, but can be globally turned off and can also be controlled inline with the autoescape tag

@tj
tj commented on 606b7f4

ah ok great! just wasn't sure if that was the default or not

Please sign in to comment.
Something went wrong with that request. Please try again.