[BUGFIX] quoteJSvalue double encodes forward slash 83/27183/5
authorMichiel Roos <michiel@maxserv.nl>
Fri, 31 Jan 2014 09:56:16 +0000 (10:56 +0100)
committerFrans Saris <franssaris@gmail.com>
Fri, 31 Jan 2014 15:39:39 +0000 (16:39 +0100)
The new JavaScript encoder using json_encode also encodes the forward
slash to unicode: \u00F2.

This creates problems, since json_encode already 'escapes' the forward
slash with a backslash.

This patch removes the ecoding of the forward slash from quoteJSvalue

Unit tests have been adjusted to match the output of json_encode:
* forward slash is escaped with a backslash

Change-Id: Ibc19f69c0b68f5bbfa67a39750884dcc030f38cb
Resolves: #55499
Releases: 6.2
Reviewed-on: https://review.typo3.org/27183
Reviewed-by: Anja Leichsenring
Tested-by: Anja Leichsenring
Tested-by: Daniel Siepmann
Reviewed-by: Frans Saris
Tested-by: Frans Saris
typo3/sysext/core/Classes/Utility/GeneralUtility.php
typo3/sysext/core/Tests/Unit/Utility/GeneralUtilityTest.php

index 7fde70b..fec132f 100644 (file)
@@ -5126,8 +5126,7 @@ Connection: close
                        json_encode((string)$value, JSON_HEX_AMP|JSON_HEX_APOS|JSON_HEX_QUOT|JSON_HEX_TAG),
                        array(
                                '"' => '\'',
-                               '/' => '\\u002F',
-                               '\\\\\\' => '\u005C',
+                               '\\\\' => '\\u005C',
                                ' ' => '\\u0020',
                                '!' => '\\u0021',
                                '\\t' => '\\u0009',
index 56c6431..8ffafa5 100644 (file)
@@ -2339,9 +2339,13 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase {
                                '<>&',
                                '\\u003C\\u003E\\u0026'
                        ),
-                       'Quotes and slashes are encoded' => array(
-                               '"\'\\/',
-                               '\\u0022\\u0027\\u005C\\u002F'
+                       'Quotes and backslashes are encoded' => array(
+                               '"\'\\',
+                               '\\u0022\\u0027\\u005C'
+                       ),
+                       'Forward slashes are escaped' => array(
+                               '</script>',
+                               '\\u003C\\/script\\u003E'
                        ),
                        'Empty string stays empty' => array(
                                '',