Permalink
Browse files

backslash escape comma, semicolon, and backslashes

  • Loading branch information...
1 parent 3aff193 commit 48173c2db10497072830c1df60d15694d3af49a2 @tpitale tpitale committed Jan 9, 2011
Showing with 11 additions and 1 deletion.
  1. +2 −1 lib/garb/filter_parameters.rb
  2. +9 −0 test/unit/garb/filter_parameters_test.rb
@@ -31,7 +31,8 @@ def to_params
value = self.parameters.map do |param|
param.map do |k,v|
next unless k.is_a?(SymbolOperator)
- "#{URI.encode(k.to_google_analytics, /[=<>]/)}#{CGI::escape(v.to_s)}"
+ escaped_v = v.to_s.gsub(/([,;\\])/) {|c| '\\'+c}
+ "#{URI.encode(k.to_google_analytics, /[=<>]/)}#{CGI::escape(escaped_v)}"
end.join('%3B') # Hash AND (no duplicate keys), escape char for ';' fixes oauth
end.join(',') # Array OR
@@ -53,6 +53,15 @@ def self.should_define_operators(*operators)
params = {'filters' => 'ga:pagePath%3D~New+York'}
assert_equal params, @filter_parameters.to_params
end
+
+ should "escape comma, semicolon, and backslash in values" do
+ @filter_parameters.filters do
+ eql(:url, 'this;that,thing\other')
+ end
+
+ params = {'filters' => 'ga:url%3D%3Dthis%5C%3Bthat%5C%2Cthing%5C%5Cother'}
+ assert_equal params, @filter_parameters.to_params
+ end
end
end
end

0 comments on commit 48173c2

Please sign in to comment.