module ApiHammer::JsonScriptEscapeHelper

Public Class Methods

j(object)
Alias for: json_script_escape
json_script_escape(object) click to toggle source

takes an object which can be used to generate JSON, and formats it so that it may be safely be inserted inside a <script> tag.

example: safely assigning the javascript variable foo to what's currently in the ruby variable foo.

<script>
foo = <%= json_script_escape(foo) %>;
</script>

the string is expressed as JSON, which applies proper escaping to any characters special to javascript, and then further escapes any <, >, and / characters which may otherwise introduce such things as </script> tags.

this is aliased as j, which replaces the j helper built into rails which requires quotes to be added around strings and does not support objects other than strings.

# File lib/api_hammer/json_script_escape_helper.rb, line 19
def json_script_escape(object)
  encoded = JSON.generate(object, :quirks_mode => true)
  escaped = encoded.gsub(%r([<>/])) { |x| x.codepoints.map { |p| "\\u%.4x" % p }.join }
  escaped.respond_to?(:html_safe) ? escaped.html_safe : escaped
end
Also aliased as: j

Private Instance Methods

j(object)
Alias for: json_script_escape
json_script_escape(object) click to toggle source

takes an object which can be used to generate JSON, and formats it so that it may be safely be inserted inside a <script> tag.

example: safely assigning the javascript variable foo to what's currently in the ruby variable foo.

<script>
foo = <%= json_script_escape(foo) %>;
</script>

the string is expressed as JSON, which applies proper escaping to any characters special to javascript, and then further escapes any <, >, and / characters which may otherwise introduce such things as </script> tags.

this is aliased as j, which replaces the j helper built into rails which requires quotes to be added around strings and does not support objects other than strings.

# File lib/api_hammer/json_script_escape_helper.rb, line 19
def json_script_escape(object)
  encoded = JSON.generate(object, :quirks_mode => true)
  escaped = encoded.gsub(%r([<>/])) { |x| x.codepoints.map { |p| "\\u%.4x" % p }.join }
  escaped.respond_to?(:html_safe) ? escaped.html_safe : escaped
end
Also aliased as: j