Ticket #4738 (closed defect: duplicate)

Opened 1 year ago

Last modified 2 months ago

js_escape eats baslash escaped characters

Reported by: nbachiyski Assigned to: anonymous
Priority: normal Milestone:
Component: Administration Version:
Severity: normal Keywords:
Cc:

Description

js_escape('\n') gives only n and it should give \n instead.

The problem is that first stripslashes and then addslashes are applied to the string, which doesn't guarantee that the string will remain the same.

Also, I still don't get why js_escape has to do something more than replacing ' with \', " with \" and newline characters with \n. Isn't its only purpose to make sure that the given php string is processed without errors by javascript? Why do we use wp_specialchars? Why do we put html entities, when we aren't sure the javascript code expects those?

Change History

08/13/07 18:34:26 changed by nbachiyski

I now know why it has to be so complex, but I think we need two functions: one which escapes javascript strings in javascript context and one, which escapes javascript strings in HTML context.

08/18/07 21:44:44 changed by foolswisdom

  • milestone changed from 2.3 (trunk) to 2.4 (future).

10/17/08 03:14:44 changed by Viper007Bond

  • status changed from new to closed.
  • resolution set to duplicate.
  • milestone deleted.

#7648