Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

escaping javascript, important for functions containing single quote #52

Merged
merged 1 commit into from

2 participants

@szemek

This simple change fixes an issue with functions containing single quote like dec'

@zk zk merged commit fbee8ab into zk:master
@zk
Owner
zk commented

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
This page is out of date. Refresh to see the latest.
View
4 app/views/main/function.html.erb
@@ -9,8 +9,8 @@ $(document).ready(function() {
varId: <%= @function.id %>,
library: "<%= @function.library.name %>",
version: "<%= @function.library.version %>",
- editExampleFormHTML: '<%= (render :partial => '/examples/edit_example_form').gsub("\n", "")%>',
- editCommentFormHTML: '<%= (render :partial => '/comments/edit_comment_form').gsub("\n", "")%>',
+ editExampleFormHTML: '<%= escape_javascript(render :partial => '/examples/edit_example_form').gsub("\n", "")%>',
+ editCommentFormHTML: '<%= escape_javascript(render :partial => '/comments/edit_comment_form').gsub("\n", "")%>',
})
})
</script>
View
2  app/views/management/function.html.erb
@@ -3,7 +3,7 @@
<script type="text/javascript" charset="utf-8">
$(document).ready(function() {
CD.Examples.init({
- editExampleFormHTML: '<%= (render :partial => '/examples/edit_example_form').gsub("\n", "")%>'
+ editExampleFormHTML: '<%= escape_javascript(render :partial => '/examples/edit_example_form').gsub("\n", "")%>'
})
})
</script>
Something went wrong with that request. Please try again.