From fa994557e8deb0fb1d820f57347eca28dbbd6c21 Mon Sep 17 00:00:00 2001 From: Sandro Santilli Date: Thu, 3 Oct 2013 13:40:50 +0200 Subject: [PATCH] Fix escaping of single quote. Closes #307, updates tests. --- lib/carto/tree/quoted.js | 8 ++++++-- test/quoted.test.js | 23 +++++++++++++++++++++++ test/rendering/filterquote.result | 2 +- 3 files changed, 30 insertions(+), 3 deletions(-) create mode 100644 test/quoted.test.js diff --git a/lib/carto/tree/quoted.js b/lib/carto/tree/quoted.js index d159681..1cbce51 100644 --- a/lib/carto/tree/quoted.js +++ b/lib/carto/tree/quoted.js @@ -7,8 +7,12 @@ tree.Quoted = function Quoted(content) { tree.Quoted.prototype = { toString: function(quotes) { - var xmlvalue = this.value.replace(/&/g, '&'); - xmlvalue = xmlvalue.replace(/\'/g, '''); + var xmlvalue = this.value + .replace(/&/g, '&') + .replace(/\'/g, '\\\'') + .replace(/\"/g, '"') + .replace(//g, '>'); return (quotes === true) ? "'" + xmlvalue + "'" : this.value; }, diff --git a/test/quoted.test.js b/test/quoted.test.js new file mode 100644 index 0000000..bba03a1 --- /dev/null +++ b/test/quoted.test.js @@ -0,0 +1,23 @@ +var assert = require('assert'); +var tree = require('../lib/carto/tree.js'); +require('../lib/carto/tree/quoted'); + +describe('Quoted', function() { + describe('basic functionality', function() { + it('should be constructed', function() { + var f = new tree.Quoted("Tom's & \"\""); + assert.ok(f); + assert.equal(f.is, 'string'); + }); + it('should produce normal output', function() { + var f = new tree.Quoted("Tom's & \"\""); + assert.ok(f); + assert.equal(f.toString(), "Tom's & \"\""); + }); + it('should produce xml-friendly output', function() { + var f = new tree.Quoted("Tom's & \"\""); + assert.ok(f); + assert.equal(f.toString(true), "'Tom\\'s & "<quoted>"'"); + }); + }); +}); diff --git a/test/rendering/filterquote.result b/test/rendering/filterquote.result index f43fc57..f4a4328 100644 --- a/test/rendering/filterquote.result +++ b/test/rendering/filterquote.result @@ -5,7 +5,7 @@