Add a single quote to the HTML set of characters that should be escaped.
This commit is contained in:
parent
cd9bd71092
commit
376385ac0e
@ -54,6 +54,7 @@ class Escaper {
|
||||
htmlEscapeSet.add('>');
|
||||
htmlEscapeSet.add('&');
|
||||
htmlEscapeSet.add('=');
|
||||
htmlEscapeSet.add('\'');
|
||||
// htmlEscapeSet.add('/'); -- Removing slash for now since it causes some incompatibilities
|
||||
HTML_ESCAPE_CHARS = Collections.unmodifiableSet(htmlEscapeSet);
|
||||
}
|
||||
@ -113,6 +114,9 @@ class Escaper {
|
||||
case '"':
|
||||
out.append('\\').append((char) codePoint);
|
||||
break;
|
||||
case '\'':
|
||||
out.append('\\').append((char) codePoint);
|
||||
break;
|
||||
default:
|
||||
appendHexJavaScriptRepresentation(codePoint, out);
|
||||
break;
|
||||
@ -133,7 +137,7 @@ class Escaper {
|
||||
|
||||
private static boolean isControlCharacter(int codePoint) {
|
||||
// JSON spec defines these code points as control characters, so they must be escaped
|
||||
return codePoint < 0x20
|
||||
return codePoint < 0x20
|
||||
|| codePoint == 0x2028 // Line separator
|
||||
|| codePoint == 0x2029 // Paragraph separator
|
||||
|| (codePoint >= 0x7f && codePoint <= 0x9f);
|
||||
|
@ -59,11 +59,17 @@ public class EscaperTest extends TestCase {
|
||||
assertEquals("123\\t456", escapedString);
|
||||
}
|
||||
|
||||
public void testQuoteEscaping() throws Exception {
|
||||
public void testDoubleQuoteEscaping() throws Exception {
|
||||
String containsQuote = "123\"456";
|
||||
String escapedString = escapeHtmlChar.escapeJsonString(containsQuote);
|
||||
assertEquals("123\\\"456", escapedString);
|
||||
}
|
||||
|
||||
public void testSingleQuoteEscaping() throws Exception {
|
||||
String containsQuote = "123'456";
|
||||
String escapedString = escapeHtmlChar.escapeJsonString(containsQuote);
|
||||
assertEquals("123\\'456", escapedString);
|
||||
}
|
||||
|
||||
public void testLineSeparatorEscaping() throws Exception {
|
||||
String src = "123\u2028 456";
|
||||
@ -138,7 +144,7 @@ public class EscaperTest extends TestCase {
|
||||
|
||||
public void testSingleQuoteNotEscaped() throws Exception {
|
||||
String containsSingleQuote = "123'456";
|
||||
String escapedString = escapeHtmlChar.escapeJsonString(containsSingleQuote);
|
||||
String escapedString = noEscapeHtmlChar.escapeJsonString(containsSingleQuote);
|
||||
assertEquals(containsSingleQuote, escapedString);
|
||||
}
|
||||
|
||||
|
@ -13,13 +13,21 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.google.gson.functional;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.google.gson.GsonBuilder;
|
||||
import com.google.gson.common.TestTypes.BagOfPrimitives;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
/**
|
||||
* Performs some functional test involving JSON output escaping.
|
||||
*
|
||||
* @author Inderjeet Singh
|
||||
* @author Joel Leitch
|
||||
*/
|
||||
public class EscapingTest extends TestCase {
|
||||
private Gson gson;
|
||||
|
||||
@ -47,4 +55,17 @@ public class EscapingTest extends TestCase {
|
||||
BagOfPrimitives expectedObject = gson.fromJson(jsonRepresentation, BagOfPrimitives.class);
|
||||
assertEquals(objWithPrimitives.getExpectedJson(), expectedObject.getExpectedJson());
|
||||
}
|
||||
|
||||
public void testGsonAcceptsEscapedAndNonEscapedJsonDeserialization() throws Exception {
|
||||
Gson escapeHtmlGson = new GsonBuilder().create();
|
||||
Gson noEscapeHtmlGson = new GsonBuilder().disableHtmlEscaping().create();
|
||||
|
||||
BagOfPrimitives target = new BagOfPrimitives(1L, 1, true, "test' / w'ith\" / \\ <script>");
|
||||
String escapedJsonForm = escapeHtmlGson.toJson(target);
|
||||
String nonEscapedJsonForm = noEscapeHtmlGson.toJson(target);
|
||||
assertFalse(escapedJsonForm.equals(nonEscapedJsonForm));
|
||||
|
||||
assertEquals(target, noEscapeHtmlGson.fromJson(escapedJsonForm, BagOfPrimitives.class));
|
||||
assertEquals(target, escapeHtmlGson.fromJson(nonEscapedJsonForm, BagOfPrimitives.class));
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user