Skip Menu |
 

This queue is for tickets about the CGI-Application-Plugin-DevPopup CPAN distribution.

Report information
The Basics
Id: 50096
Status: resolved
Priority: 0/
Queue: CGI-Application-Plugin-DevPopup

People
Owner: rhesa [...] cpan.org
Requestors: stro [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: Important
Broken in: 1.01
Fixed in: (no value)



Subject: <script> escaping
Download (untitled) / with headers
text/plain 287b
Hello Rhesa, Can you add the following line to _escape_js? $j =~ s/script>/s" + "cript>/g; When "</script>" string somehow appears in $j, it breaks DevPopup javascript code, resulting in wrong output. When it's split to be in two strings, everything is ok. -- Serguei Trouchelle
Download (untitled) / with headers
text/plain 410b
On Tue Sep 29 11:26:29 2009, STRO wrote: Show quoted text
> Hello Rhesa, > > Can you add the following line to _escape_js? > > $j =~ s/script>/s" + "cript>/g; > > When "</script>" string somehow appears in $j, it breaks DevPopup > javascript code, resulting in wrong output. When it's split to be in two > strings, everything is ok.
Thanks Serguei, I've added this, and a new version is on its way to the CPAN. Rhesa


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.