Mirrors/yii
2
0
Fork 0
mirror of https://github.com/yiisoft/yii.git synced 2026-03-11 18:46:59 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fixes #4043: Fixed CJavaScript::quote() to properly escape Unicode characters

Browse Source
This commit is contained in:
Alexander Makarov
2017-04-18 15:45:27 +03:00
committed by GitHub
parent 7e45fa1a08
commit 1e1c5b7b05
7 changed files with 453 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
framework/web/helpers/CJavaScript.php
View File

@@ -27,10 +27,12 @@ class CJavaScript
*/
public static function quote($js,$forUrl=false)
{
if($forUrl)
return strtr($js,array('%'=>'%25',"\t"=>'\t',"\n"=>'\n',"\r"=>'\r','"'=>'\"','\''=>'\\\'','\\'=>'\\\\','</'=>'<\/'));
else
return strtr($js,array("\t"=>'\t',"\n"=>'\n',"\r"=>'\r','"'=>'\"','\''=>'\\\'','\\'=>'\\\\','</'=>'<\/'));
Yii::import('system.vendors.zend-escaper.Escaper');
$escaper=new Escaper(Yii::app()->charset);
if($forUrl)
return $escaper->escapeUrl($js);
else
return $escaper->escapeJs($js);
}
/**