[TASK] Rename escapeJsValue and make it context specific 71/28571/4
authorJigal van Hemert <jigal.van.hemert@typo3.org>
Thu, 20 Mar 2014 14:05:55 +0000 (15:05 +0100)
committerXavier Perseguers <xavier@typo3.org>
Fri, 21 Mar 2014 12:37:41 +0000 (13:37 +0100)
The stdWrap property escapeJsValue actually encodes the
content and should thus be called
encodeForJavaScriptValue. Also the value must be
enclosed in quotes to prevent it from being used outside
the target context of string values in JavaScript.

Releases: 6.2
Resolves: #57107
Documentation: #57108
Change-Id: Id5f850d36a87d71ca80eb58e3359ddacdd5b655e
Reviewed-on: https://review.typo3.org/28571
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php
typo3/sysext/frontend/Tests/Unit/ContentObject/ContentObjectRendererTest.php

index 0d9751f..2580f77 100644 (file)
@@ -154,8 +154,8 @@ class ContentObjectRenderer {
                'rawUrlEncode.' => 'array',
                'htmlSpecialChars' => 'boolean',
                'htmlSpecialChars.' => 'array',
-               'escapeJsValue' => 'boolean',
-               'escapeJsValue.' => 'array',
+               'encodeForJavaScriptValue' => 'boolean',
+               'encodeForJavaScriptValue.' => 'array',
                'doubleBrTag' => 'string',
                'doubleBrTag.' => 'array',
                'br' => 'boolean',
@@ -2848,16 +2848,16 @@ class ContentObjectRenderer {
        }
 
        /**
-        * escapeJsValue
+        * encodeForJavaScriptValue
         * Escapes content to be used inside JavaScript strings. No quotes are added around the value
         * as this can easily be done in TypoScript
         *
         * @param string $content Input value undergoing processing in this function
-        * @param array $conf stdWrap properties for escapeJsvalue
+        * @param array $conf stdWrap properties for encodeForJavaScriptValue
         * @return string The processed input value
         */
-       public function stdWrap_escapeJsValue($content = '', $conf = array()) {
-               return trim(GeneralUtility::quoteJSvalue($content), '\'');
+       public function stdWrap_encodeForJavaScriptValue($content = '', $conf = array()) {
+               return GeneralUtility::quoteJSvalue($content);
        }
 
        /**
index ac73514..f4a4147 100644 (file)
@@ -1514,59 +1514,59 @@ class ContentObjectRendererTest extends \TYPO3\CMS\Core\Tests\UnitTestCase {
        }
 
        /**
-        * Data provider for stdWrap_escapeJsValue test
+        * Data provider for stdWrap_encodeForJavaScriptValue test
         *
         * @return array multi-dimensional array with the second level like this:
-        * @see escapeJsValue
+        * @see encodeForJavaScriptValue
         */
-       public function stdWrap_escapeJsValueDataProvider() {
+       public function stdWrap_encodeForJavaScriptValueDataProvider() {
                return array(
                        'double quote in string' => array(
                                'double quote"',
                                array(),
-                               'double\u0020quote\u0022'
+                               '\'double\u0020quote\u0022\''
                        ),
                        'backslash in string' => array(
                                'backslash \\',
                                array(),
-                               'backslash\u0020\u005C'
+                               '\'backslash\u0020\u005C\''
                        ),
                        'exclamation mark' => array(
                                'exclamation!',
                                array(),
-                               'exclamation\u0021'
+                               '\'exclamation\u0021\''
                        ),
                        'whitespace tab, newline and carriage return' => array(
                                "white\tspace\ns\r",
                                array(),
-                               'white\u0009space\u000As\u000D'
+                               '\'white\u0009space\u000As\u000D\''
                        ),
                        'single quote in string' => array(
                                'single quote \'',
                                array(),
-                               'single\u0020quote\u0020\u0027'
+                               '\'single\u0020quote\u0020\u0027\''
                        ),
                        'tag' => array(
                                '<tag>',
                                array(),
-                               '\u003Ctag\u003E'
+                               '\'\u003Ctag\u003E\''
                        ),
                        'ampersand in string' => array(
                                'amper&sand',
                                array(),
-                               'amper\u0026sand'
+                               '\'amper\u0026sand\''
                        ),
                );
        }
 
        /**
-        * Check if escapeJsValue works properly
+        * Check if encodeForJavaScriptValue works properly
         *
-        * @dataProvider stdWrap_escapeJsValueDataProvider
+        * @dataProvider stdWrap_encodeForJavaScriptValueDataProvider
         * @test
         */
-       public function stdWrap_escapeJsValue($input, $conf, $expected) {
-               $result = $this->cObj->stdWrap_escapeJsValue($input, $conf);
+       public function stdWrap_encodeForJavaScriptValue($input, $conf, $expected) {
+               $result = $this->cObj->stdWrap_encodeForJavaScriptValue($input, $conf);
                $this->assertEquals($expected, $result);
        }