Riot compiler parses and removes content from string declaration #1448

Closed
rubenmch opened this Issue Dec 17, 2015 · 3 comments

Projects

None yet

2 participants

@rubenmch

With riot.js 2.3.12 (compiling in browser) from:
https://cdn.jsdelivr.net/riot/2.3.12/riot+compiler.min.js

If a custom tag has javascript code containing a string with comments or <script> tags inside it, riot tries to parse the content inside the string.

Compiling the following tag throws an error:

<mytag>
     <div>Content</div>
     <script>
            var stringWithTags = "<script>  </script>";
     </script>
</mytag>

Compiling the following works but <!-- should not be removed --> is removed:

<mytag>
     <div>Content</div>
     <script>
            this.on('mount', function(){
                  alert("The following: <!-- should not be removed -->");
            });
     </script>
</mytag>
@aMarCruz aMarCruz self-assigned this Dec 17, 2015
@aMarCruz aMarCruz added the bug label Dec 17, 2015
@aMarCruz
Member

@rubenmch this is a bug, will be fixed soon, thanks.

@aMarCruz
Member

@rubenmch , I will test, but one "best practice" from the old-school should be an workaround:

var stringWithTags = "<script>  <\/script>";

and

alert("The following: <" + "!-- should not be removed -->");
@rubenmch

@aMarCruz Thanks for checking this bug, I used something similar as a workaround, I replaced the character < with its unicode espace sequence \u003C

@aMarCruz aMarCruz added a commit to riot/compiler that closed this issue Dec 19, 2015
@aMarCruz aMarCruz Closes riot/riot#1448 (partial fix)
You need to write  for closing script tags within quoted strings.

Revised regex that matches  tags.
e53f3d0
@aMarCruz aMarCruz referenced this issue Jan 14, 2016
Closed

Escape Quotes #1511

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment