a javascript error is reported on all overrided pages containing javascript with charaters (>,&,<) #230
Comments
|
Hello @mathieu-mbru describe "source containing a javascript tag" do
before { Deface::Override.new(:virtual_path => "posts/index",
:name => "Posts#index",
:remove => "p") }
let(:source) { "<%= javascript_tag do %>if (y > 0) {y = 0;}<% end %>" }
it "should return unmodified source" do
expect(Dummy.apply(source, { :virtual_path => "posts/index" })).to eq("<%= javascript_tag do %>if (y > 0) {y = 0;}<% end %>")
end
endexpected: "<%= javascript_tag do %>if (y > 0) {y = 0;}<% end %>"
got: "<%= javascript_tag do %>if (y > 0) {y = 0;}<% end %>" |
|
Ok, thank you |
|
very good. related to #224 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello
a javascript error is reported on all overrided pages containing javascript with charaters (>,&,<)
Example
We have identified the cause that breaks the javascript code (which is encoded).
The cause is the following:
The view source or partial of type (Nokogiri::HTML::DocumentFragment) which encodes characters by calling the method to_s in (Module Applicator /method apply_overrides ) line 52 (source = doc.to_s) :
Since we trust views files and partials,
By replace this line :
source = doc.to_sby this one :
source = doc.to_s.gsub('<', '<').gsub('>', '>').gsub('&', '&')The problem no longer exists
A PR was carried out on the subject #229
Thank you for considering this update.
The text was updated successfully, but these errors were encountered: