Completes first pass at implementation of 'escape'. Still needs unesc…

…ape worked out.
balderdashy · Mar 31, 2016 · 1431b33 · 1431b33
1 parent 4adc789
commit 1431b33
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 16 deletions.
diff --git a/lib/hooks/views/escape-html-entities-deep.js b/lib/hooks/views/escape-html-entities-deep.js
@@ -3,6 +3,7 @@
  */
 
 var _ = require('lodash');
+var rttc = require('rttc');
 
 
 /**
@@ -15,23 +16,21 @@ var _ = require('lodash');
  * using the rules established in rttc.dehydrate().
  *
  * @param {Dictionary} data
- *           The data to escape.
+ *           The dictionary of data to escape.
  *
  * @returns {JSON} a recursively-HTML-escaped copy of the provided data.
  */
 module.exports = function escapeHtmlEntitiesDeep(data){
 
-  // The function to use for escaping strings for use in HTML
-  // (this is just the same thing that Lodash uses when you use `<%- %>` in templates)
-  var escapeFn = _.escape;
+  return rttc.rebuild(data, function escape(val, type){
+    // _.escape() is for escaping strings for use in HTML.
+    // (this is just the same thing that Lodash uses when you use `<%- %>` in templates)
+    if (type === 'string') {
+      return _.escape(val);
+    }
+    else {
+      return val;
+    }
+  });
 
-  // Naive implementation:
-  if (_.isString(data)) {
-    return escapeFn(data);
-  }
-  // Potentially-recursive implementation
-  else {
-    // TODO
-    return data;
-  }
 };
diff --git a/lib/hooks/views/html-scriptify.js b/lib/hooks/views/html-scriptify.js
@@ -117,8 +117,8 @@ module.exports = function htmlScriptify(options){
     if (_.isUndefined(unsafeVal)) { return; }
 
     // Now, dive into `unsafeVal` and recursively HTML-escape any nested strings
-    // and compile it into a JavaScript string which will accurately represent it
-    // as an r-value (watching out for circular refs along the way).
+    // and compile the whole thing into a JavaScript string which will accurately
+    // represent it as an r-value (watching out for circular refs along the way).
     if (!options.dontUnescapeOnClient) {
       html += ''+key+': unescape('+rttc.compile(escapeHtmlEntitiesDeep(unsafeVal))+'),';
     }

diff --git a/package.json b/package.json
@@ -80,7 +80,7 @@
     "prompt": "0.2.14",
     "rc": "1.0.1",
     "reportback": "~0.1.9",
-    "rttc": "9.3.0",
+    "rttc": "9.3.3",
     "sails-build-dictionary": "~0.10.1",
     "sails-disk": "~0.10.9",
     "sails-generate": "~0.13.0",