Skip to content

Commit

Permalink
escape text in lexer
Browse files Browse the repository at this point in the history
  • Loading branch information
kbrsh committed May 7, 2019
1 parent 68925af commit 7b0542d
Show file tree
Hide file tree
Showing 3 changed files with 64 additions and 3 deletions.
34 changes: 33 additions & 1 deletion packages/moon/dist/moon.js
Original file line number Diff line number Diff line change
Expand Up @@ -89,11 +89,31 @@
*/

var expressionRE = /"[^"]*"|'[^']*'|\d+[a-zA-Z$_]\w*|\.[a-zA-Z$_]\w*|[a-zA-Z$_]\w*:|([a-zA-Z$_]\w*)/g;
/**
* Capture special characters in text that need to be escaped.
*/

var textRE = /&|>|<| |"|\\|"|\n|\r/g;
/**
* List of global variables to ignore in expression scoping
*/

var globals = ["NaN", "false", "in", "null", "this", "true", "typeof", "undefined", "window"];
/**
* Map from special characters to a safe format for JavaScript string literals.
*/

var escapeTextMap = {
"&": "&",
">": ">",
"&lt;": "<",
"&nbsp;": " ",
"&quot;": "\\\"",
"\\": "\\\\",
"\"": "\\\"",
"\n": "\\n",
"\r": "\\r"
};
/**
* Checks if a given character is a quote.
*
Expand All @@ -104,6 +124,18 @@
function isQuote(_char) {
return _char === "\"" || _char === "'";
}
/**
* Escape text to make it usable in a JavaScript string literal.
*
* @param {string} text
*/


function escapeText(text) {
return text.replace(textRE, function (match) {
return escapeTextMap[match];
});
}
/**
* Scope an expression to use variables within the `data` object.
*
Expand Down Expand Up @@ -340,7 +372,7 @@
type: "tagOpen",
value: "text",
attributes: {
"": "\"" + text + "\""
"": "\"" + escapeText(text) + "\""
},
closed: true
});
Expand Down
2 changes: 1 addition & 1 deletion packages/moon/dist/moon.min.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

31 changes: 30 additions & 1 deletion packages/moon/src/compiler/lexer/lexer.js
Original file line number Diff line number Diff line change
Expand Up @@ -24,11 +24,31 @@ const attributeRE = /\s*([\w\d-_:@]*)(?:=(?:("[^"]*"|'[^']*')|{([^{}]*)}))?/g;
*/
const expressionRE = /"[^"]*"|'[^']*'|\d+[a-zA-Z$_]\w*|\.[a-zA-Z$_]\w*|[a-zA-Z$_]\w*:|([a-zA-Z$_]\w*)/g;

/**
* Capture special characters in text that need to be escaped.
*/
const textRE = /&amp;|&gt;|&lt;|&nbsp;|&quot;|\\|"|\n|\r/g;

/**
* List of global variables to ignore in expression scoping
*/
const globals = ["NaN", "false", "in", "null", "this", "true", "typeof", "undefined", "window"];

/**
* Map from special characters to a safe format for JavaScript string literals.
*/
const escapeTextMap = {
"&amp;": "&",
"&gt;": ">",
"&lt;": "<",
"&nbsp;": " ",
"&quot;": "\\\"",
"\\": "\\\\",
"\"": "\\\"",
"\n": "\\n",
"\r": "\\r"
};

/**
* Checks if a given character is a quote.
*
Expand All @@ -39,6 +59,15 @@ function isQuote(char) {
return char === "\"" || char === "'";
}

/**
* Escape text to make it usable in a JavaScript string literal.
*
* @param {string} text
*/
function escapeText(text) {
return text.replace(textRE, (match) => escapeTextMap[match]);
}

/**
* Scope an expression to use variables within the `data` object.
*
Expand Down Expand Up @@ -304,7 +333,7 @@ export function lex(input) {
type: "tagOpen",
value: "text",
attributes: {
"": `"${text}"`
"": `"${escapeText(text)}"`
},
closed: true
});
Expand Down

0 comments on commit 7b0542d

Please sign in to comment.