diff options
Diffstat (limited to 'perllib/FixMyStreet/App/View/Web.pm')
| -rw-r--r-- | perllib/FixMyStreet/App/View/Web.pm | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/perllib/FixMyStreet/App/View/Web.pm b/perllib/FixMyStreet/App/View/Web.pm index 358e280c3..df2d0ac20 100644 --- a/perllib/FixMyStreet/App/View/Web.pm +++ b/perllib/FixMyStreet/App/View/Web.pm @@ -21,6 +21,9 @@ __PACKAGE__->config( 'loc', 'nget', 'tprintf', 'display_crosssell_advert', 'prettify_epoch', 'add_links', ], + FILTERS => { + escape_js => \&escape_js, + }, ); =head1 NAME @@ -120,5 +123,24 @@ sub add_links { return $text; } +=head2 escape_js + +Used to escape strings that are going to be put inside JavaScript. + +=cut + +sub escape_js { + my $text = shift; + my %lookup = ( + '\\' => 'u005c', + '"' => 'u0022', + "'" => 'u0027', + '<' => 'u003c', + '>' => 'u003e', + ); + $text =~ s/([\\"'<>])/\\$lookup{$1}/g; + return $text; +} + 1; |