Skip to content

Commit

Permalink
Added JS escaping for newline, linefeed, return, tab and backspace. C…
Browse files Browse the repository at this point in the history 
…loses #1
  • Loading branch information
@ethauvin
ethauvin committed Feb 28, 2024
1 parent a0ebfe2 commit 0d14c27
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 0 deletions.
6 changes: 6 additions & 0 deletions src/main/java/rife/render/RenderUtils.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -195,6 +195,11 @@ public static String encodeJs(String src) {
case '"' -> sb.append("\\\"");
case '\\' -> sb.append("\\\\");
case '/' -> sb.append("\\/");
case '\b' -> sb.append("\\b");
case '\n' -> sb.append(("\\n"));
case '\t' -> sb.append("\\t");
case '\f' -> sb.append("\\f");
case '\r' -> sb.append("\\r");
default -> sb.append(c);
}
}
Expand Down Expand Up @@ -597,4 +602,5 @@ public static boolean validateCreditCard(String cc) {
}
return false;
}

}
4 changes: 4 additions & 0 deletions src/test/java/rife/render/TestEncode.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,10 @@ void testEncodeJs() {
t.setAttribute(TestCase.FOO, "'\"\\/");
assertThat(t.getContent()).isEqualTo("\\'\\\"\\\\\\/");

t = TemplateFactory.TXT.get("encodeJs");
t.setAttribute(TestCase.FOO, "This is\f\b a\r\n\ttest");
assertThat(t.getContent()).isEqualTo("This is\\f\\b a\\r\\n\\ttest");

t = TemplateFactory.HTML.get("encodeJs");
t.setAttribute(TestCase.FOO, '"' + TestCase.SAMPLE_TEXT + '"');
assertThat(t.getContent()).as("with unicode")
Expand Down

0 comments on commit 0d14c27

Please sign in to comment.