Permalink
Browse files

[#48] escaping javascript, important for functions containing single …

…quote
  • Loading branch information...
1 parent 67ebc78 commit 20f004bb0ca74ea4f9990fe0c7b06262054b2162 @szemek szemek committed May 2, 2012
Showing with 3 additions and 3 deletions.
  1. +2 −2 app/views/main/function.html.erb
  2. +1 −1 app/views/management/function.html.erb
@@ -9,8 +9,8 @@ $(document).ready(function() {
varId: <%= @function.id %>,
library: "<%= @function.library.name %>",
version: "<%= @function.library.version %>",
- editExampleFormHTML: '<%= (render :partial => '/examples/edit_example_form').gsub("\n", "")%>',
- editCommentFormHTML: '<%= (render :partial => '/comments/edit_comment_form').gsub("\n", "")%>',
+ editExampleFormHTML: '<%= escape_javascript(render :partial => '/examples/edit_example_form').gsub("\n", "")%>',
+ editCommentFormHTML: '<%= escape_javascript(render :partial => '/comments/edit_comment_form').gsub("\n", "")%>',
})
})
</script>
@@ -3,7 +3,7 @@
<script type="text/javascript" charset="utf-8">
$(document).ready(function() {
CD.Examples.init({
- editExampleFormHTML: '<%= (render :partial => '/examples/edit_example_form').gsub("\n", "")%>'
+ editExampleFormHTML: '<%= escape_javascript(render :partial => '/examples/edit_example_form').gsub("\n", "")%>'
})
})
</script>

0 comments on commit 20f004b

Please sign in to comment.