Skip to content
This repository
Browse code

Make escape_javascript happy to handle SafeBuffers

* see GH#1553
* allow for the fact that gsub on SafeBuffer does not pass match variables $1, $2 etc to a block
  • Loading branch information...
commit bf2f039a93d1b5bacffcda14e2c58f39dfcf7fd4 1 parent b64524d
Paul Gallagher tardate authored sikachu committed
2  actionpack/lib/action_view/helpers/javascript_helper.rb
@@ -18,7 +18,7 @@ module JavaScriptHelper
18 18 # $('some_element').replaceWith('<%=j render 'some/element_template' %>');
19 19 def escape_javascript(javascript)
20 20 if javascript
21   - javascript.gsub(/(\\|<\/|\r\n|[\n\r"'])/) { JS_ESCAPE_MAP[$1] }
  21 + javascript.gsub(/(\\|<\/|\r\n|[\n\r"'])/) {|match| JS_ESCAPE_MAP[match] }
22 22 else
23 23 ''
24 24 end
7 actionpack/test/template/javascript_helper_test.rb
@@ -30,6 +30,13 @@ def test_escape_javascript
30 30 assert_equal %(dont <\\/close> tags), j(%(dont </close> tags))
31 31 end
32 32
  33 + def test_escape_javascript_with_safebuffer
  34 + given = %('quoted' "double-quoted" new-line:\n </closed>)
  35 + expect = %(\\'quoted\\' \\"double-quoted\\" new-line:\\n <\\/closed>)
  36 + assert_equal expect, escape_javascript(given)
  37 + assert_equal expect, escape_javascript(ActiveSupport::SafeBuffer.new(given))
  38 + end
  39 +
33 40 def test_button_to_function
34 41 assert_dom_equal %(<input type="button" onclick="alert('Hello world!');" value="Greeting" />),
35 42 button_to_function("Greeting", "alert('Hello world!')")

0 comments on commit bf2f039

Please sign in to comment.
Something went wrong with that request. Please try again.