32287 – Escape tag no longer escaping for Javascript

Bug 32287 - Escape tag no longer escaping for Javascript

Summary: Escape tag no longer escaping for Javascript

Status:	RESOLVED FIXED

Alias:	None

Product:	Taglibs
Classification:	Unclassified
Component:	String Taglib (show other bugs)
Version:	nightly
Hardware:	PC Windows XP

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Tomcat Developers Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2004-11-17 23:00 UTC by Jason Pettiss
Modified:	2004-11-17 16:15 UTC (History)
CC List:	0 users

Attachments
Suggested patch (Java to JavaScript in two places) (861 bytes, text/plain) 2004-11-17 23:01 UTC, Jason Pettiss	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jason Pettiss 2004-11-17 23:00:34 UTC

The single quote is no longer being escaped, which of course breaks use of the
EscapeTag with Javascript.  Given that Javascript is more likely generated than
Java code, perhaps EscapeTag should instead call StringEscapeUtils.escapeJavaScript.

EscapeTag r1.4 called StringUtils.escape(text), which back then had the effect
of escaping for both java and javascript, where a single quote would get
escaped.  StringUtils.escape was deprecated and methods split out to escape for
java or javascript.

Note, the comment says it escapes to Java-compatible string, but then gives
escaping a single quote as an example, which is no longer done in the util
class.  Note that escaping for javascript also escapes for java (but the reverse
is not true).

Comment 1 Jason Pettiss 2004-11-17 23:01:55 UTC

Created attachment 13488 [details]
Suggested patch (Java to JavaScript in two places)

Comment 2 Felipe Leme 2004-11-18 01:15:23 UTC

Applied - thanks for the patch.