Skip to content

Fix escaped chars in Javascript in templates #401

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Dec 16, 2011
Merged

Fix escaped chars in Javascript in templates #401

merged 2 commits into from
Dec 16, 2011

Conversation

Stuk
Copy link
Contributor

@Stuk Stuk commented Dec 8, 2011

If an escaped character (e.g. \n) is used in embedded Javascript inside a template then it gets escaped to \n. If someone has put an escaped character in their JS then they probably want it left that way.

This merge request adds a test for this, and the following commit replaces \s with a single \ when inside evaluation tags, reverting the previous template escaping.

Stuk added 2 commits December 8, 2011 11:33
@Stuk
Add failing test for Javascript in templates
81cb0d3 
Uses an escaped character in Javascript embedded in a template. Gets
incorrectly replaced when templating.
@Stuk
Templating fix for when an escaped character is used in Javascript
c8ecb47 
If an escaped character (e.g. \n) is used in embedded Javascript inside
a template then it gets escaped to \\n. If someone has put an escaped
character in their JS then they probably want it left that way.

This commit replaces \\s with a single \ when inside evaluation tags,
reverting the previous template escaping.
@jashkenas
Copy link
Owner

This doesn't look right. For starters, you're simply converting two slashes \\ into one \ . This will affect many other things than just newlines.

In addition, you're putting an extra slash in the "replace" function in your test -- so I'm not sure what the test is trying to accomplish.

@jashkenas jashkenas closed this Dec 8, 2011
@Stuk
Copy link
Contributor Author

Stuk commented Dec 8, 2011

In the test it would be incorrect to have just \n, as that would be invalid JS

numbers.split("
")

and so the \n needs to be escaped there (if the template was being loaded from a <script> tag then you would just have the \n).

The fix is just undoing the replacement from line 902. I think that if someone puts a \ inside <% %> tags they would want it left alone. I might be wrong of course :)

@jashkenas
Copy link
Owner

Sure ... but this is valid JS:

numbers.split("\n")

@Stuk
Copy link
Contributor Author

Stuk commented Dec 8, 2011

Not when it's JS inside another string :)

@jashkenas
Copy link
Owner

-- then that's your problem ;) Don't put JS in strings.

@Stuk
Copy link
Contributor Author

Stuk commented Dec 10, 2011

I'm back again, with an example that (hopefully) definitely shows the problem: http://stuartk.com/files/underscore_example.html

@jashkenas
Copy link
Owner

Thanks for being persistent ;)

@jashkenas jashkenas reopened this Dec 10, 2011
@Stuk
Copy link
Contributor Author

Stuk commented Dec 10, 2011

No problem :)

jashkenas added a commit that referenced this pull request Dec 16, 2011
@jashkenas
Merge pull request #401 from Stuk/template_js_fix
b4a3843 
Fix escaped chars in Javascript in templates
@jashkenas jashkenas merged commit b4a3843 into jashkenas:master Dec 16, 2011
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Stuk @jashkenas