Index: django/template/defaultfilters.py
===================================================================
--- django/template/defaultfilters.py (revision 8571)
+++ django/template/defaultfilters.py (working copy)
@@ -63,19 +63,19 @@
capfirst = stringfilter(capfirst)
_js_escapes = (
- ('\\', '\\\\'),
- ('"', '\\"'),
- ("'", "\\'"),
- ('\n', '\\n'),
- ('\r', '\\r'),
- ('\b', '\\b'),
- ('\f', '\\f'),
- ('\t', '\\t'),
- ('\v', '\\v'),
- ('', '<\\/'),
-)
+ ('\\', r'\x5C'),
+ ('\'', r'\x27'),
+ ('"', r'\x22'),
+ ('>', r'\x3E'),
+ ('<', r'\x3C'),
+ ('&', r'\x26'),
+ ('=', r'\x3D'),
+ ('-', r'\x2D'),
+ (';', r'\x3B')
+) + tuple([('%c' % z, '\\x%02X' % z) for z in range(32)])
+
def escapejs(value):
- """Backslash-escapes characters for use in JavaScript strings."""
+ """Hex encodes characters for use in JavaScript strings."""
for bad, good in _js_escapes:
value = value.replace(bad, good)
return value
Index: tests/regressiontests/templates/filters.py
===================================================================
--- tests/regressiontests/templates/filters.py (revision 8571)
+++ tests/regressiontests/templates/filters.py (working copy)
@@ -262,5 +262,8 @@
'autoescape-stringfilter02': (r'{% autoescape off %}{{ unsafe|capfirst }}{% endautoescape %}', {'unsafe': UnsafeClass()}, 'You & me'),
'autoescape-stringfilter03': (r'{{ safe|capfirst }}', {'safe': SafeClass()}, 'You > me'),
'autoescape-stringfilter04': (r'{% autoescape off %}{{ safe|capfirst }}{% endautoescape %}', {'safe': SafeClass()}, 'You > me'),
+
+ 'escapejs01': (r'{{ a|escapejs }}', {'a': 'testing\r\njavascript \'string" escaping'}, 'testing\\x0D\\x0Ajavascript \\x27string\\x22 \\x3Cb\\x3Eescaping\\x3C/b\\x3E'),
+ 'escapejs02': (r'{% autoescape off %}{{ a|escapejs }}{% endautoescape %}', {'a': 'testing\r\njavascript \'string" escaping'}, 'testing\\x0D\\x0Ajavascript \\x27string\\x22 \\x3Cb\\x3Eescaping\\x3C/b\\x3E'),
}
Index: AUTHORS
===================================================================
--- AUTHORS (revision 8571)
+++ AUTHORS (working copy)
@@ -190,6 +190,7 @@
hipertracker@gmail.com
Deryck Hodge
Brett Hoerner
+ Eric Holscher
Ian Holsman
Kieran Holland
Sung-Jin Hong
@@ -426,6 +427,8 @@
ymasuda@ethercube.com
Jarek Zgoda
Cheng Zhang
+ Collin Grady
+ Mike Wiacek
A big THANK YOU goes to: