Amebis/wxWidgets
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Escape JavaScript code in wxJSScriptWrapper constructor

Browse Source 
We can prepare the escaped code directly here, instead of waiting for
GetWrappedCode() call, this is more clear and safer as it avoids
escaping the code twice accidentally if GetWrappedCode() ends up being
called twice somehow.
This commit is contained in:
Vadim Zeitlin
2017-10-22 17:34:37 +02:00
parent 1b7bb46568
commit 836c874c88
1 changed files with 8 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
include/wx/private/jsscriptwrapper.h
View File

@@ -20,6 +20,7 @@ class wxJSScriptWrapper
{
public:
wxJSScriptWrapper(const wxString& js, int* runScriptCount) : m_jsscript(js)
: m_escapedCode(js)
{
// We assign the return value of JavaScript snippet we execute to the
// variable with this name in order to be able to access it later if
@@ -29,19 +30,19 @@ public:
// RunScript() (which creates a new wxJSScriptWrapper every time) to
// avoid any possible conflict between different calls.
m_outputVarName = wxString::Format("__wxOut%i", (*runScriptCount)++);
// Adds one escape level if there is a single quote, double quotes or
// escape characters
wxRegEx escapeDoubleQuotes("(\\\\*)(['\"\n\r\v\t\b\f])");
escapeDoubleQuotes.Replace(&m_escapedCode,"\\1\\1\\\\\\2");
}
// This method is used to add a double quote level into a JavaScript code
// in order to get it working when eval is called programmatically.
const wxString GetWrappedCode()
{
// Adds one escape level if there is a single quote, double quotes or
// escape characters
wxRegEx escapeDoubleQuotes("(\\\\*)(['\"\n\r\v\t\b\f])");
escapeDoubleQuotes.Replace(&m_jsscript,"\\1\\1\\\\\\2");
return wxString::Format("try { var %s = eval(\"%s\"); true; } \
catch (e) { e.name + \": \" + e.message; }", m_outputVarName, m_jsscript);;
catch (e) { e.name + \": \" + e.message; }", m_outputVarName, m_escapedCode);
}
const wxString GetOutputCode()
@@ -141,7 +142,7 @@ public:
}
private:
wxString m_jsscript;
wxString m_escapedCode;
wxString m_outputVarName;
wxDECLARE_NO_COPY_CLASS(wxJSScriptWrapper);