Merge pull request #39 from ferhensil/master

Fix: escape variables after {% endautoescape %}
paularmstrong · Jan 24, 2012 · be8f971 · be8f971
2 parents 90e1e9d + a508ec1
commit be8f971
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 1 deletion.
diff --git a/lib/parser.js b/lib/parser.js
@@ -214,7 +214,7 @@ exports.parse = function (data, tags, autoescape) {
             if (index > 0 && (/^end/).test(tagname)) {
                 lastToken = _.last(stack[stack.length - 2]);
                 if ('end' + lastToken.name === tagname) {
-                    if (_.last(stack).name === 'autoescape') {
+                    if (lastToken.name === 'autoescape') {
                         escape = last_escape;
                     }
                     stack.pop();

diff --git a/tests/tags.test.js b/tests/tags.test.js
@@ -37,6 +37,12 @@ exports.autoescape = testCase({
         test.done();
     },
 
+    off_after_close_tag: function (test) {
+        var tpl = swig.compile('{% autoescape off %}{% endautoescape %}{{ foo }}');
+        test.strictEqual(tpl({ foo: '<\'single\' & "double" quotes>' }), '&lt;&#39;single&#39; &amp; &quot;double&quot; quotes&gt;');
+        test.done();
+    },
+
     js: function (test) {
         var tpl = swig.compile('{% autoescape on "js" %}{{ foo }}{% endautoescape %}');
         test.strictEqual(tpl({ foo: '"double quotes" and \'single quotes\'' }), '\\u0022double quotes\\u0022 and \\u0027single quotes\\u0027');