diff --git a/build/make_default_helpers.js b/build/make_default_helpers.js
index c694c90..e625cda 100644
--- a/build/make_default_helpers.js
+++ b/build/make_default_helpers.js
@@ -279,7 +279,7 @@ module.exports = function(docMap, config, getCurrent, Handlebars){
//this allows linking to a specific section with the hash syntax (#27)
hashParts = name.split("#");
name = hashParts.shift();
-
+
docObject = docMap[name]
if (docObject) {
linkText = parts && parts[2] ? parts[2] : docObject.title || name;
@@ -408,7 +408,9 @@ module.exports = function(docMap, config, getCurrent, Handlebars){
},
docObjectString: function(){
this.pathToRoot = pathToRoot(this.name);
- return JSON.stringify(deepExtendWithoutBody(this)).replace("", "<\\/script>");
+
+ return JSON.stringify(deepExtendWithoutBody(this))
+ .replace(/<\/script>/g, "<\\/script>");
},
pathToDest: function(){
var currentDir = path.dirname( path.join(config.dest, docsFilename( getCurrent(), config)) );
diff --git a/html_test.js b/html_test.js
index 020597c..3aef10f 100644
--- a/html_test.js
+++ b/html_test.js
@@ -96,48 +96,67 @@ describe("documentjs/lib/generators/html",function(){
});
});
- it("closing script tags are properly escaped", function(done){
+ it("closing script tags are properly escaped", function() {
this.timeout(40000);
- rmdir(path.join(__dirname,"test","tmp"), function(e){
- if(e) {
- return done(e);
- }
- var options = {
- dest: path.join(__dirname, "test","tmp"),
- parent: "index",
- templateRender: true
- };
-
-
- var docMap = Q.Promise(function(resolve){
- resolve(_.assign({
- index: {
- name: "index",
- type: "page",
- body: "Hello `{{thing.params.0.script}}`"
- },
- thing: {
- name: "thing",
- params: [
- {script: ""}
- ]
- }
- }));
- });
- html.generate(docMap,options).then(function(){
- fs.readFile(
- path.join(__dirname,"test","tmp","index.html"),
- function(err, data){
- if(err) {
- done(err);
+ return Q.denodeify(rmdir)(path.join(__dirname,"test","tmp"))
+ .then(function() {
+ var options = {
+ dest: path.join(__dirname, "test","tmp"),
+ parent: "index",
+ templateRender: true
+ };
+
+ var docMap = Q.Promise(function(resolve){
+ resolve(_.assign({
+ index: {
+ name: "index",
+ type: "page",
+ body: [
+ "Hello `{{thing.params.0.script}}`",
+ "Load steal using \n\n `{{thing.params.1.script}}`"
+ ].join("\n")
+ },
+ thing: {
+ name: "thing",
+ params: [
+ {script: ""},
+ {script: ""}
+ ]
}
- assert.ok( (""+data).includes("<script>function() {return true; }<\/script><\/code>"), "script closing tag escaped" );
- done();
- });
-
- },done);
- });
+ }));
+ });
+
+ return html.generate(docMap, options);
+ })
+ .then(function() {
+ return readFile(path.join(__dirname, "test", "tmp", "index.html"));
+ })
+ .then(function(data) {
+ var index = data.toString();
+
+ assert.ok(
+ index.includes("<script>function() {return true; }<\/script><\/code>"),
+ "script closing tag escaped"
+ );
+ })
+ .then(function() {
+ return readFile(path.join(__dirname, "test", "tmp", "thing.html"));
+ })
+ .then(function(data) {
+ var content = data.toString();
+ var rx = /<\/script>/g;
+
+ var docObject = content.substring(
+ content.indexOf("var docObject = "),
+ content.indexOf("};", content.indexOf("var docObject = "))
+ );
+
+ assert.ok(
+ !rx.test(docObject),
+ "docObject should not have unscaped closing script tags"
+ );
+ });
});
it("slashes get put in a folder and can link correctly", function(done){