Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

make sure we have the same encoding in the string and regex #2650

Closed
wants to merge 1 commit into from

3 participants

@dmathieu
Collaborator

This fixes the failing actionpack test.

@josevalim
Owner

Hrm, I am not sure force_encoding is the proper fix here. If it is not a UTF-8 string, it is going to fail badly and we cannot assume that. /cc @tenderlove @wycats

@pixeltrix
Owner

Doesn't it just need a /u on the regexp?

@dmathieu
Collaborator

No, /u is not enough when the string is not UTF-8. I get the following error :

Encoding::CompatibilityError: incompatible encoding regexp match (UTF-8 regexp with ASCII-8BIT string)
@dmathieu
Collaborator

An other solution would be to run the last JS_ESCAPE_MAP entry only when the string is UTF-8.

Something like :

result = javascript.gsub(/(\\|<\/|\r\n|\342\200\250|[\n\r"'])/u) do |match|
    if JS_ESCAPE_MAP.has_key?(match)
        JS_ESCAPE_MAP[match]
    elsif match.is_utf8? && JS_UTF8_ESCAPE_MAP.has_key?(match)
        JS_UTF8_ESCAPE_MAP[match]
    else
        match
    end
end
@dmathieu
Collaborator

See #2659, which closes the issue.

@dmathieu dmathieu closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
This page is out of date. Refresh to see the latest.
Showing with 2 additions and 0 deletions.
  1. +2 −0  actionpack/lib/action_view/helpers/javascript_helper.rb
View
2  actionpack/lib/action_view/helpers/javascript_helper.rb
@@ -1,3 +1,4 @@
+# encoding: UTF-8
require 'action_view/helpers/tag_helper'
module ActionView
@@ -19,6 +20,7 @@ module JavaScriptHelper
# $('some_element').replaceWith('<%=j render 'some/element_template' %>');
def escape_javascript(javascript)
if javascript
+ javascript.force_encoding("UTF-8").encode! if javascript.encoding_aware?
result = javascript.gsub(/(\\|<\/|\r\n|\342\200\250|[\n\r"'])/) {|match| JS_ESCAPE_MAP[match] }
javascript.html_safe? ? result.html_safe : result
else
Something went wrong with that request. Please try again.