Only escape U+0022 in argument values of `String.prototype` HTML methods

Contributed by Mathias Bynens <mathiasb@opera.com>. TEST=mjsunit/es6/string-html BUG=v8:2217 LOG=Y R=arv@chromium.org, yangguo@chromium.org Review URL: https://codereview.chromium.org/446973004 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22955 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Only escape U+0022 in argument values of `String.prototype` HTML methods
Contributed by Mathias Bynens <mathiasb@opera.com>. TEST=mjsunit/es6/string-html BUG=v8:2217 LOG=Y R=arv@chromium.org, yangguo@chromium.org Review URL: https://codereview.chromium.org/446973004 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22955 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2ec32f34 · yangguo@chromium.org · 0a84fab8 · 2ec32f34 · 2ec32f34
Commit 2ec32f34 authored Aug 07, 2014 by yangguo@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 8 deletions

string.js src/string.js +1 -4

string-html.js test/mjsunit/es6/string-html.js +4 -4

No files found.
--- a/src/string.js
+++ b/src/string.js
@@ -829,10 +829,7 @@ function StringFromCharCode(code) {

 // ES6 draft, revision 26 (2014-07-18), section B.2.3.2.1
 function HtmlEscape(str) {
-  return TO_STRING_INLINE(str).replace(/</g, "&lt;")
-                              .replace(/>/g, "&gt;")
-                              .replace(/"/g, "&quot;")
-                              .replace(/'/g, "&#039;");
+  return TO_STRING_INLINE(str).replace(/"/g, "&quot;");
 }



--- a/test/mjsunit/es6/string-html.js
+++ b/test/mjsunit/es6/string-html.js
@@ -6,7 +6,7 @@
 // http://mathias.html5.org/tests/javascript/string/

 assertEquals('_'.anchor('b'), '<a name="b">_</a>');
-//assertEquals('<'.anchor('<'), '<a name="<"><</a>'); // #2217
+assertEquals('<'.anchor('<'), '<a name="<"><</a>');
 assertEquals('_'.anchor(0x2A), '<a name="42">_</a>');
 assertEquals('_'.anchor('\x22'), '<a name="&quot;">_</a>');
 assertEquals(String.prototype.anchor.call(0x2A, 0x2A), '<a name="42">42</a>');
@@ -63,7 +63,7 @@ assertThrows(function() {
 assertEquals(String.prototype.fixed.length, 0);

 assertEquals('_'.fontcolor('b'), '<font color="b">_</font>');
-//assertEquals('<'.fontcolor('<'), '<font color="<"><</font>'); // #2217
+assertEquals('<'.fontcolor('<'), '<font color="<"><</font>');
 assertEquals('_'.fontcolor(0x2A), '<font color="42">_</font>');
 assertEquals('_'.fontcolor('\x22'), '<font color="&quot;">_</font>');
 assertEquals(String.prototype.fontcolor.call(0x2A, 0x2A),
@@ -77,7 +77,7 @@ assertThrows(function() {
 assertEquals(String.prototype.fontcolor.length, 1);

 assertEquals('_'.fontsize('b'), '<font size="b">_</font>');
-//assertEquals('<'.fontsize('<'), '<font size="<"><</font>'); // #2217
+assertEquals('<'.fontsize('<'), '<font size="<"><</font>');
 assertEquals('_'.fontsize(0x2A), '<font size="42">_</font>');
 assertEquals('_'.fontsize('\x22'), '<font size="&quot;">_</font>');
 assertEquals(String.prototype.fontsize.call(0x2A, 0x2A),
@@ -102,7 +102,7 @@ assertThrows(function() {
 assertEquals(String.prototype.italics.length, 0);

 assertEquals('_'.link('b'), '<a href="b">_</a>');
-//assertEquals('<'.link('<'), '<a href="<"><</a>'); // #2217
+assertEquals('<'.link('<'), '<a href="<"><</a>');
 assertEquals('_'.link(0x2A), '<a href="42">_</a>');
 assertEquals('_'.link('\x22'), '<a href="&quot;">_</a>');
 assertEquals(String.prototype.link.call(0x2A, 0x2A), '<a href="42">42</a>');