summaryrefslogtreecommitdiffstats
path: root/core
diff options
context:
space:
mode:
Diffstat (limited to 'core')
-rw-r--r--core/js/js.js19
-rw-r--r--core/js/tests/specs/coreSpec.js15
2 files changed, 28 insertions, 6 deletions
diff --git a/core/js/js.js b/core/js/js.js
index 7ff010eca0a..a43df4014df 100644
--- a/core/js/js.js
+++ b/core/js/js.js
@@ -116,17 +116,30 @@ var OC={
/**
* Generates the absolute url for the given relative url, which can contain parameters.
+ * Parameters will be URL encoded automatically.
* @param {string} url
* @param [params] params
+ * @param [options] options
+ * @param {bool} [options.escape=true] enable/disable auto escape of placeholders (by default enabled)
* @return {string} Absolute URL for the given relative URL
*/
- generateUrl: function(url, params) {
+ generateUrl: function(url, params, options) {
+ var defaultOptions = {
+ escape: true
+ },
+ allOptions = options || {};
+ _.defaults(allOptions, defaultOptions);
+
var _build = function (text, vars) {
var vars = vars || [];
return text.replace(/{([^{}]*)}/g,
function (a, b) {
- var r = vars[b];
- return typeof r === 'string' || typeof r === 'number' ? r : a;
+ var r = (vars[b]);
+ if(allOptions.escape) {
+ return (typeof r === 'string' || typeof r === 'number') ? encodeURIComponent(r) : encodeURIComponent(a);
+ } else {
+ return (typeof r === 'string' || typeof r === 'number') ? r : a;
+ }
}
);
};
diff --git a/core/js/tests/specs/coreSpec.js b/core/js/tests/specs/coreSpec.js
index 159c3743662..7d06ac2e7df 100644
--- a/core/js/tests/specs/coreSpec.js
+++ b/core/js/tests/specs/coreSpec.js
@@ -393,11 +393,20 @@ describe('Core base tests', function() {
expect(OC.generateUrl('heartbeat')).toEqual(OC.webroot + '/index.php/heartbeat');
expect(OC.generateUrl('/heartbeat')).toEqual(OC.webroot + '/index.php/heartbeat');
});
- it('substitutes parameters', function() {
- expect(OC.generateUrl('apps/files/download{file}', {file: '/Welcome.txt'})).toEqual(OC.webroot + '/index.php/apps/files/download/Welcome.txt');
+ it('substitutes parameters which are escaped by default', function() {
+ expect(OC.generateUrl('apps/files/download/{file}', {file: '<">ImAnUnescapedString/!'})).toEqual(OC.webroot + '/index.php/apps/files/download/%3C%22%3EImAnUnescapedString%2F!');
+ });
+ it('substitutes parameters which can also be unescaped via option flag', function() {
+ expect(OC.generateUrl('apps/files/download/{file}', {file: 'subfolder/Welcome.txt'}, {escape: false})).toEqual(OC.webroot + '/index.php/apps/files/download/subfolder/Welcome.txt');
+ });
+ it('substitutes multiple parameters which are escaped by default', function() {
+ expect(OC.generateUrl('apps/files/download/{file}/{id}', {file: '<">ImAnUnescapedString/!', id: 5})).toEqual(OC.webroot + '/index.php/apps/files/download/%3C%22%3EImAnUnescapedString%2F!/5');
+ });
+ it('substitutes multiple parameters which can also be unescaped via option flag', function() {
+ expect(OC.generateUrl('apps/files/download/{file}/{id}', {file: 'subfolder/Welcome.txt', id: 5}, {escape: false})).toEqual(OC.webroot + '/index.php/apps/files/download/subfolder/Welcome.txt/5');
});
it('doesnt error out with no params provided', function () {
- expect(OC.generateUrl('apps/files/download{file}')).toEqual(OC.webroot + '/index.php/apps/files/download{file}');
+ expect(OC.generateUrl('apps/files/download{file}')).toEqual(OC.webroot + '/index.php/apps/files/download%7Bfile%7D');
});
});
describe('Main menu mobile toggle', function() {