Permalink
Browse files

escape <'s and >'s in JSON strings. #8371 [Rick]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6893 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
  • Loading branch information...
1 parent ae242b0 commit 0345c975879e352a5726ff9f91258fdb3afe8525 @technoweenie technoweenie committed May 29, 2007
@@ -1,5 +1,7 @@
*SVN*
+* escape <'s and >'s in JSON strings. #8371 [Rick]
+
* Inflections: MatrixTest -> MatrixTests instead of MatricesTest. #8496 [jbwiv]
* Multibyte strings respond_to the String methods they proxy so they can be duck-typed. #6549 [Tuxie]
@@ -8,15 +8,17 @@ module Encoding
"\r" => '\r',
"\t" => '\t',
'"' => '\"',
- '\\' => '\\\\'
+ '\\' => '\\\\',
+ ">" => '\076',
+ '<' => '\074'
}
end
end
end
class String
def to_json #:nodoc:
- '"' + gsub(/[\010\f\n\r\t"\\]/) { |s|
+ '"' + gsub(/[\010\f\n\r\t"\\><]/) { |s|
ActiveSupport::JSON::Encoding::ESCAPED_CHARS[s]
}.gsub(/([\xC0-\xDF][\x80-\xBF]|
[\xE0-\xEF][\x80-\xBF]{2}|
@@ -13,7 +13,7 @@ def initialize(a, b)
NumericTests = [[ 1, %(1) ],
[ 2.5, %(2.5) ]]
- StringTests = [[ 'this is the string', %("this is the string") ],
+ StringTests = [[ 'this is the <string>', %("this is the \\074string\\076")],
[ 'a "string" with quotes', %("a \\"string\\" with quotes") ]]
ArrayTests = [[ ['a', 'b', 'c'], %([\"a\", \"b\", \"c\"]) ],

0 comments on commit 0345c97

Please sign in to comment.