Stephen McKamey avatar Stephen McKamey committed f2541e4

- replacing encoding split/join with RegExp
- adding encoding tests

Comments (0)

Files changed (2)

 	 * @returns {Array|Object|string|number}
 	 */
 	function htmlEncode(val) {
-		return (typeof val !== "string") ? val : val.split('&').join('&amp;').split('<').join('&lt;').split('>').join('&gt;');
+		if (typeof val !== "string") {
+			return val;
+		}
+
+		return val.replace(/[&<>]/g,
+			function(ch) {
+				switch(ch) {
+					case '&':
+						return "&amp;";
+					case '<':
+						return "&lt;";
+					case '>':
+						return "&gt;";
+					default:
+						return ch;
+				}
+			});
 	}
 
 	/**
 	 * @returns {Array|Object|string|number}
 	 */
 	function attrEncode(val) {
-		return (typeof val !== "string") ? val : val.split('&').join('&amp;').split('<').join('&lt;').split('>').join('&gt;').split('"').join('&quot;').split("'").join('&apos;');
+		if (typeof val !== "string") {
+			return val;
+		}
+
+		return val.replace(/[&<>"]/g,
+			function(ch) {
+				switch(ch) {
+					case '&':
+						return "&amp;";
+					case '<':
+						return "&lt;";
+					case '>':
+						return "&gt;";
+					case '"':
+						return "&quot;";
+					default:
+						return ch;
+				}
+			});
 	}
 
 	/**

src/tests/render.js

 	same(actual, expected, "");
 });
 
+test("encoding literal", function() {
+
+	var view = duel(
+		["p",
+		 	'&hello"foo<bar><&>'
+		]);
+
+	var actual = view.bind().toString();
+
+	var expected =  '<p>&amp;hello"foo&lt;bar&gt;&lt;&amp;&gt;</p>';
+	
+	same(actual, expected, "");
+});
+
+test("encoding attributes", function() {
+
+	var view = duel(
+		["p", { "title" : '&hello"foo<bar><&>' },
+		 	"Encoded attributes"
+		]);
+
+	var actual = view.bind().toString();
+
+	var expected =  '<p title="&amp;hello&quot;foo&lt;bar&gt;&lt;&amp;&gt;">Encoded attributes</p>';
+	
+	same(actual, expected, "");
+});
+
 test("markup data", function() {
 
 	var view = duel(
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.