Bug 32287 - Escape tag no longer escaping for Javascript
Summary: Escape tag no longer escaping for Javascript
Alias: None
Product: Taglibs
Classification: Unclassified
Component: String Taglib (show other bugs)
Version: nightly
Hardware: PC Windows XP
: P2 normal (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
Depends on:
Reported: 2004-11-17 23:00 UTC by Jason Pettiss
Modified: 2004-11-17 16:15 UTC (History)
0 users

Suggested patch (Java to JavaScript in two places) (861 bytes, text/plain)
2004-11-17 23:01 UTC, Jason Pettiss

Note You need to log in before you can comment on or make changes to this bug.
Description Jason Pettiss 2004-11-17 23:00:34 UTC
The single quote is no longer being escaped, which of course breaks use of the
EscapeTag with Javascript.  Given that Javascript is more likely generated than
Java code, perhaps EscapeTag should instead call StringEscapeUtils.escapeJavaScript.

EscapeTag r1.4 called StringUtils.escape(text), which back then had the effect
of escaping for both java and javascript, where a single quote would get
escaped.  StringUtils.escape was deprecated and methods split out to escape for
java or javascript.

Note, the comment says it escapes to Java-compatible string, but then gives
escaping a single quote as an example, which is no longer done in the util
class.  Note that escaping for javascript also escapes for java (but the reverse
is not true).
Comment 1 Jason Pettiss 2004-11-17 23:01:55 UTC
Created attachment 13488 [details]
Suggested patch (Java to JavaScript in two places)
Comment 2 Felipe Leme 2004-11-18 01:15:23 UTC
Applied - thanks for the patch.