Make WordPress Core

Opened 17 years ago

Closed 16 years ago

#4738 closed defect (bug) (duplicate)

js_escape eats baslash escaped characters

Reported by: nbachiyski's profile nbachiyski Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Administration Keywords:
Focuses: Cc:


js_escape('\n') gives only n and it should give \n instead.

The problem is that first stripslashes and then addslashes are applied to the string, which doesn't guarantee that the string will remain the same.

Also, I still don't get why js_escape has to do something more than replacing ' with \', " with \" and newline characters with \n. Isn't its only purpose to make sure that the given php string is processed without errors by javascript? Why do we use wp_specialchars? Why do we put html entities, when we aren't sure the javascript code expects those?

Change History (3)

#1 @nbachiyski
17 years ago

I now know why it has to be so complex, but I think we need two functions: one which escapes javascript strings in javascript context and one, which escapes javascript strings in HTML context.

#2 @foolswisdom
17 years ago

  • Milestone changed from 2.3 (trunk) to 2.4 (future)

#3 @Viper007Bond
16 years ago

  • Milestone 2.9 deleted
  • Resolution set to duplicate
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.