Index: openacs-4/packages/acs-tcl/tcl/text-html-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/text-html-procs.tcl,v
diff -u -N -r1.106 -r1.107
--- openacs-4/packages/acs-tcl/tcl/text-html-procs.tcl 17 Nov 2018 16:37:35 -0000 1.106
+++ openacs-4/packages/acs-tcl/tcl/text-html-procs.tcl 14 Dec 2018 15:11:53 -0000 1.107
@@ -1356,7 +1356,28 @@
}
}
+ ad_proc -public ad_js_escape {
+ string
+ } {
+ Return supplied string with invalid javascript characters
+ propery escaped. This makes possible to use the string safely
+ inside javascript code.
+ @author Antonio Pisano
+ } {
+ # Escape quotes and backslashes (non greedy)
+ regsub -all {.??([^\\])?('|\"|\\)} $string {\1\\\2} string
+ # Escape characters are replaced with their escape sequence
+ regsub -all {\b} $string {\\b} string
+ regsub -all {\f} $string {\\f} string
+ regsub -all {\n} $string {\\n} string
+ regsub -all {\r} $string {\\r} string
+ regsub -all {\t} $string {\\t} string
+ regsub -all {\v} $string {\\v} string
+
+ return $string
+ }
+
####################
#
# HTML -> Text
Index: openacs-4/packages/acs-tcl/tcl/test/text-html-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/test/text-html-procs.tcl,v
diff -u -N -r1.9 -r1.10
--- openacs-4/packages/acs-tcl/tcl/test/text-html-procs.tcl 7 Sep 2018 00:30:14 -0000 1.9
+++ openacs-4/packages/acs-tcl/tcl/test/text-html-procs.tcl 14 Dec 2018 15:11:54 -0000 1.10
@@ -212,6 +212,25 @@
aa_register_case \
-cats {api smoke} \
+ -procs {ad_js_escape} \
+ ad_js_escape {
+
+ Test if ad_js_escape is working as expected
+
+} {
+ set string "\"\"\"\"\"\'"
+ aa_true " - String of only quotes " {[ad_js_escape $string] eq {\"\"\"\"\"\'}}
+
+ set string "\n\r\t \n\n\n \t\t \b \v\v\v \f"
+ aa_true " - String of only escape sequences " {[ad_js_escape $string] eq {\n\r\t \n\n\n \t\t \b \v\v\v \f}}
+
+ set string "\n\r\t \na word \'\n\n \t\t\"\" aaaaaa\' \'\'\'\b \v\v\v \f"
+ aa_true " - String of escape sequences, quotes and text (with some quotes already escaped)" \
+ {[ad_js_escape $string] eq {\n\r\t \na word \'\n\n \t\"\" aaaaa\' \'\'\'\b \v\v\v \f}}
+}
+
+aa_register_case \
+ -cats {api smoke} \
-procs {ad_pad} \
ad_pad {