Fixed a bug in the sanitizer
This commit is contained in:
parent
b92ec827f5
commit
a9e2f73089
|
@ -95,28 +95,26 @@ exports.sanitize = function (jsString) {
|
||||||
while (i < jsString.length && c !== quote) {
|
while (i < jsString.length && c !== quote) {
|
||||||
if (c === '"' && prev() !== '\\') {
|
if (c === '"' && prev() !== '\\') {
|
||||||
// unescaped double quote, escape it
|
// unescaped double quote, escape it
|
||||||
chars.push('\\');
|
chars.push('\\"');
|
||||||
}
|
}
|
||||||
|
else if (controlChars.hasOwnProperty(c)) {
|
||||||
// replace unescaped control characters with escaped ones
|
// replace unescaped control characters with escaped ones
|
||||||
if (controlChars.hasOwnProperty(c)) {
|
|
||||||
chars.push(controlChars[c])
|
chars.push(controlChars[c])
|
||||||
i++;
|
|
||||||
c = curr();
|
|
||||||
}
|
}
|
||||||
|
else if (c === '\\') {
|
||||||
// handle escape character
|
// remove the escape character when followed by a single quote ', not needed
|
||||||
if (c === '\\') {
|
|
||||||
i++;
|
i++;
|
||||||
c = curr();
|
c = curr();
|
||||||
|
|
||||||
// remove the escape character when followed by a single quote ', not needed
|
|
||||||
if (c !== '\'') {
|
if (c !== '\'') {
|
||||||
chars.push('\\');
|
chars.push('\\');
|
||||||
}
|
}
|
||||||
|
chars.push(c);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
// regular character
|
||||||
|
chars.push(c);
|
||||||
}
|
}
|
||||||
|
|
||||||
chars.push(c);
|
|
||||||
i++;
|
i++;
|
||||||
c = curr();
|
c = curr();
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,6 +30,15 @@ describe('util', function () {
|
||||||
assert.equal(util.sanitize('"foo\\\'bar"'), '"foo\'bar"');
|
assert.equal(util.sanitize('"foo\\\'bar"'), '"foo\'bar"');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('should escape unescaped control characters', function () {
|
||||||
|
assert.equal(util.sanitize('"hello\bworld"'), '"hello\\bworld"')
|
||||||
|
assert.equal(util.sanitize('"hello\fworld"'), '"hello\\fworld"')
|
||||||
|
assert.equal(util.sanitize('"hello\nworld"'), '"hello\\nworld"')
|
||||||
|
assert.equal(util.sanitize('"hello\rworld"'), '"hello\\rworld"')
|
||||||
|
assert.equal(util.sanitize('"hello\tworld"'), '"hello\\tworld"')
|
||||||
|
assert.equal(util.sanitize('{"value\n": "dc=hcm,dc=com"}'), '{"value\\n": "dc=hcm,dc=com"}')
|
||||||
|
})
|
||||||
|
|
||||||
it('remove comments', function () {
|
it('remove comments', function () {
|
||||||
assert.equal(util.sanitize('/* foo */ {}'), ' {}');
|
assert.equal(util.sanitize('/* foo */ {}'), ' {}');
|
||||||
assert.equal(util.sanitize('/* foo */ {}'), ' {}');
|
assert.equal(util.sanitize('/* foo */ {}'), ' {}');
|
||||||
|
|
Loading…
Reference in New Issue