Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge pull request #52 from szemek/master

escaping javascript, important for functions containing single quote
  • Loading branch information...
commit fbee8ab703ffd57bd594554265b74fb9950a86ef 2 parents 1b96a9b + 20f004b
@zk authored
View
4 app/views/main/function.html.erb
@@ -9,8 +9,8 @@ $(document).ready(function() {
varId: <%= @function.id %>,
library: "<%= @function.library.name %>",
version: "<%= @function.library.version %>",
- editExampleFormHTML: '<%= (render :partial => '/examples/edit_example_form').gsub("\n", "")%>',
- editCommentFormHTML: '<%= (render :partial => '/comments/edit_comment_form').gsub("\n", "")%>',
+ editExampleFormHTML: '<%= escape_javascript(render :partial => '/examples/edit_example_form').gsub("\n", "")%>',
+ editCommentFormHTML: '<%= escape_javascript(render :partial => '/comments/edit_comment_form').gsub("\n", "")%>',
})
})
</script>
View
2  app/views/management/function.html.erb
@@ -3,7 +3,7 @@
<script type="text/javascript" charset="utf-8">
$(document).ready(function() {
CD.Examples.init({
- editExampleFormHTML: '<%= (render :partial => '/examples/edit_example_form').gsub("\n", "")%>'
+ editExampleFormHTML: '<%= escape_javascript(render :partial => '/examples/edit_example_form').gsub("\n", "")%>'
})
})
</script>
Please sign in to comment.
Something went wrong with that request. Please try again.