From 8df3bef014f23939ebb4ab7e5c10458ca36ed34a Mon Sep 17 00:00:00 2001 From: Jan Lehnardt Date: Mon, 26 Apr 2010 23:00:58 +0200 Subject: [PATCH] don't doublt encode entities. Closes #19. Patch by Leeoniya --- examples/escaped.html | 3 ++- examples/escaped.js | 3 ++- examples/escaped.txt | 1 + mustache.js | 2 +- 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/examples/escaped.html b/examples/escaped.html index 8be4ccb..ea25951 100644 --- a/examples/escaped.html +++ b/examples/escaped.html @@ -1 +1,2 @@ -

{{title}}

\ No newline at end of file +

{{title}}

+But not {{entities}}. diff --git a/examples/escaped.js b/examples/escaped.js index fd8ab37..7a8baef 100644 --- a/examples/escaped.js +++ b/examples/escaped.js @@ -1,5 +1,6 @@ var escaped = { title: function() { return "Bear > Shark"; - } + }, + entities: """ }; diff --git a/examples/escaped.txt b/examples/escaped.txt index 7f4de76..73ac5ce 100644 --- a/examples/escaped.txt +++ b/examples/escaped.txt @@ -1 +1,2 @@

Bear > Shark

+But not ". diff --git a/mustache.js b/mustache.js index 27fe6f2..a8a9cb2 100644 --- a/mustache.js +++ b/mustache.js @@ -208,7 +208,7 @@ var Mustache = function() { Does away with nasty characters */ escape: function(s) { - return ((s == null) ? "" : s).toString().replace(/[&"<>\\]/g, function(s) { + return ((s == null) ? "" : s).toString().replace(/&(?!\w+;)|["<>\\]/g, function(s) { switch(s) { case "&": return "&"; case "\\": return "\\\\";;