Comparing version 0.8.4 to 0.8.5
186
ejs.js
@@ -7,2 +7,3 @@ ejs = (function(){ | ||
if ('fs' == p) return {}; | ||
if ('path' == p) return {}; | ||
var path = require.resolve(p) | ||
@@ -65,13 +66,12 @@ , mod = require.modules[path]; | ||
var utils = require('./utils') | ||
, fs = require('fs'); | ||
, path = require('path') | ||
, dirname = path.dirname | ||
, extname = path.extname | ||
, join = path.join | ||
, fs = require('fs') | ||
, read = fs.readFileSync; | ||
/** | ||
* Library version. | ||
*/ | ||
exports.version = '0.7.2'; | ||
/** | ||
* Filters. | ||
* | ||
* | ||
* @type Object | ||
@@ -84,3 +84,3 @@ */ | ||
* Intermediate js cache. | ||
* | ||
* | ||
* @type Object | ||
@@ -113,3 +113,3 @@ */ | ||
, name = parts.shift() | ||
, args = parts.shift() || ''; | ||
, args = parts.join(':') || ''; | ||
if (args) args = ', ' + args; | ||
@@ -147,5 +147,5 @@ return 'filters.' + name + '(' + js + args + ')'; | ||
err.path = filename; | ||
err.message = (filename || 'ejs') + ':' | ||
+ lineno + '\n' | ||
+ context + '\n\n' | ||
err.message = (filename || 'ejs') + ':' | ||
+ lineno + '\n' | ||
+ context + '\n\n' | ||
+ err.message; | ||
@@ -167,10 +167,11 @@ | ||
, open = options.open || exports.open || '<%' | ||
, close = options.close || exports.close || '%>'; | ||
, close = options.close || exports.close || '%>' | ||
, filename = options.filename | ||
, compileDebug = options.compileDebug !== false | ||
, buf = ""; | ||
var buf = [ | ||
"var buf = [];" | ||
, "\nwith (locals) {" | ||
, "\n buf.push('" | ||
]; | ||
buf += 'var buf = [];'; | ||
if (false !== options._with) buf += '\nwith (locals || {}) { (function(){ '; | ||
buf += '\n buf.push(\''; | ||
var lineno = 1; | ||
@@ -180,7 +181,8 @@ | ||
for (var i = 0, len = str.length; i < len; ++i) { | ||
var stri = str[i]; | ||
if (str.slice(i, open.length + i) == open) { | ||
i += open.length | ||
var prefix, postfix, line = '__stack.lineno=' + lineno; | ||
switch (str.substr(i, 1)) { | ||
var prefix, postfix, line = (compileDebug ? '__stack.lineno=' : '') + lineno; | ||
switch (str[i]) { | ||
case '=': | ||
@@ -204,4 +206,5 @@ prefix = "', escape((" + line + ', '; | ||
, start = i | ||
, include = null | ||
, n = 0; | ||
if ('-' == js[js.length-1]){ | ||
@@ -211,28 +214,44 @@ js = js.substring(0, js.length - 2); | ||
} | ||
if (0 == js.trim().indexOf('include')) { | ||
var name = js.trim().slice(7).trim(); | ||
if (!filename) throw new Error('filename option is required for includes'); | ||
var path = resolveInclude(name, filename); | ||
include = read(path, 'utf8'); | ||
include = exports.parse(include, { filename: path, _with: false, open: open, close: close, compileDebug: compileDebug }); | ||
buf += "' + (function(){" + include + "})() + '"; | ||
js = ''; | ||
} | ||
while (~(n = js.indexOf("\n", n))) n++, lineno++; | ||
if (js.substr(0, 1) == ':') js = filtered(js); | ||
buf.push(prefix, js, postfix); | ||
if (js) { | ||
if (js.lastIndexOf('//') > js.lastIndexOf('\n')) js += '\n'; | ||
buf += prefix; | ||
buf += js; | ||
buf += postfix; | ||
} | ||
i += end - start + close.length - 1; | ||
} else if (str.substr(i, 1) == "\\") { | ||
buf.push("\\\\"); | ||
} else if (str.substr(i, 1) == "'") { | ||
buf.push("\\'"); | ||
} else if (str.substr(i, 1) == "\r") { | ||
buf.push(" "); | ||
} else if (str.substr(i, 1) == "\n") { | ||
} else if (stri == "\\") { | ||
buf += "\\\\"; | ||
} else if (stri == "'") { | ||
buf += "\\'"; | ||
} else if (stri == "\r") { | ||
// ignore | ||
} else if (stri == "\n") { | ||
if (consumeEOL) { | ||
consumeEOL = false; | ||
} else { | ||
buf.push("\\n"); | ||
buf += "\\n"; | ||
lineno++; | ||
} | ||
} else { | ||
buf.push(str.substr(i, 1)); | ||
buf += stri; | ||
} | ||
} | ||
buf.push("');\n}\nreturn buf.join('');"); | ||
return buf.join(''); | ||
if (false !== options._with) buf += "'); })();\n} \nreturn buf.join('');"; | ||
else buf += "');\nreturn buf.join('');"; | ||
return buf; | ||
}; | ||
@@ -251,4 +270,7 @@ | ||
options = options || {}; | ||
var escape = options.escape || utils.escape; | ||
var input = JSON.stringify(str) | ||
, compileDebug = options.compileDebug !== false | ||
, client = options.client | ||
, filename = options.filename | ||
@@ -258,17 +280,35 @@ ? JSON.stringify(options.filename) | ||
// Adds the fancy stack trace meta info | ||
str = [ | ||
'var __stack = { lineno: 1, input: ' + input + ', filename: ' + filename + ' };', | ||
rethrow.toString(), | ||
'try {', | ||
exports.parse(str, options), | ||
'} catch (err) {', | ||
' rethrow(err, __stack.input, __stack.filename, __stack.lineno);', | ||
'}' | ||
].join("\n"); | ||
if (compileDebug) { | ||
// Adds the fancy stack trace meta info | ||
str = [ | ||
'var __stack = { lineno: 1, input: ' + input + ', filename: ' + filename + ' };', | ||
rethrow.toString(), | ||
'try {', | ||
exports.parse(str, options), | ||
'} catch (err) {', | ||
' rethrow(err, __stack.input, __stack.filename, __stack.lineno);', | ||
'}' | ||
].join("\n"); | ||
} else { | ||
str = exports.parse(str, options); | ||
} | ||
if (options.debug) console.log(str); | ||
var fn = new Function('locals, filters, escape', str); | ||
if (client) str = 'escape = escape || ' + escape.toString() + ';\n' + str; | ||
try { | ||
var fn = new Function('locals, filters, escape, rethrow', str); | ||
} catch (err) { | ||
if ('SyntaxError' == err.name) { | ||
err.message += options.filename | ||
? ' in ' + filename | ||
: ' while compiling ejs'; | ||
} | ||
throw err; | ||
} | ||
if (client) return fn; | ||
return function(locals){ | ||
return fn.call(this, locals, filters, utils.escape); | ||
return fn.call(this, locals, filters, escape, rethrow); | ||
} | ||
@@ -332,13 +372,30 @@ }; | ||
var str; | ||
try { | ||
var str = options.cache | ||
? cache[key] || (cache[key] = fs.readFileSync(path, 'utf8')) | ||
: fs.readFileSync(path, 'utf8'); | ||
fn(null, exports.render(str, options)); | ||
str = options.cache | ||
? cache[key] || (cache[key] = read(path, 'utf8')) | ||
: read(path, 'utf8'); | ||
} catch (err) { | ||
fn(err); | ||
return; | ||
} | ||
fn(null, exports.render(str, options)); | ||
}; | ||
/** | ||
* Resolve include `name` relative to `filename`. | ||
* | ||
* @param {String} name | ||
* @param {String} filename | ||
* @return {String} | ||
* @api private | ||
*/ | ||
function resolveInclude(name, filename) { | ||
var path = join(dirname(filename), name); | ||
var ext = extname(name); | ||
if (!ext) path += '.ejs'; | ||
return path; | ||
} | ||
// express support | ||
@@ -353,5 +410,8 @@ | ||
if (require.extensions) { | ||
require.extensions['.ejs'] = function(module, filename) { | ||
source = require('fs').readFileSync(filename, 'utf-8'); | ||
module._compile(compile(source, {}), filename); | ||
require.extensions['.ejs'] = function (module, filename) { | ||
filename = filename || module.filename; | ||
var options = { filename: filename, client: true } | ||
, template = fs.readFileSync(filename).toString() | ||
, fn = compile(template, options); | ||
module._compile('module.exports = ' + fn.toString() + ';', filename); | ||
}; | ||
@@ -367,3 +427,2 @@ } else if (require.registerExtension) { | ||
require.register("filters.js", function(module, exports, require){ | ||
/*! | ||
@@ -489,5 +548,9 @@ * EJS - Filters | ||
exports.truncate = function(str, len){ | ||
exports.truncate = function(str, len, append){ | ||
str = String(str); | ||
return str.substr(0, len); | ||
if (str.length > len) { | ||
str = str.slice(0, len); | ||
if (append) str += append; | ||
} | ||
return str; | ||
}; | ||
@@ -567,2 +630,3 @@ | ||
}; | ||
}); // module: filters.js | ||
@@ -588,8 +652,10 @@ | ||
return String(html) | ||
.replace(/&(?!\w+;)/g, '&') | ||
.replace(/&(?!#?[a-zA-Z0-9]+;)/g, '&') | ||
.replace(/</g, '<') | ||
.replace(/>/g, '>') | ||
.replace(/'/g, ''') | ||
.replace(/"/g, '"'); | ||
}; | ||
}); // module: utils.js | ||
@@ -596,0 +662,0 @@ |
@@ -1,1 +0,1 @@ | ||
ejs=function(){function require(p){if("fs"==p)return{};var path=require.resolve(p),mod=require.modules[path];if(!mod)throw new Error('failed to require "'+p+'"');return mod.exports||(mod.exports={},mod.call(mod.exports,mod,mod.exports,require.relative(path))),mod.exports}return require.modules={},require.resolve=function(path){var orig=path,reg=path+".js",index=path+"/index.js";return require.modules[reg]&®||require.modules[index]&&index||orig},require.register=function(path,fn){require.modules[path]=fn},require.relative=function(parent){return function(p){if("."!=p.substr(0,1))return require(p);var path=parent.split("/"),segs=p.split("/");path.pop();for(var i=0;i<segs.length;i++){var seg=segs[i];".."==seg?path.pop():"."!=seg&&path.push(seg)}return require(path.join("/"))}},require.register("ejs.js",function(module,exports,require){var utils=require("./utils"),fs=require("fs");exports.version="0.7.2";var filters=exports.filters=require("./filters"),cache={};exports.clearCache=function(){cache={}};function filtered(js){return js.substr(1).split("|").reduce(function(js,filter){var parts=filter.split(":"),name=parts.shift(),args=parts.shift()||"";return args&&(args=", "+args),"filters."+name+"("+js+args+")"})}function rethrow(err,str,filename,lineno){var lines=str.split("\n"),start=Math.max(lineno-3,0),end=Math.min(lines.length,lineno+3),context=lines.slice(start,end).map(function(line,i){var curr=i+start+1;return(curr==lineno?" >> ":" ")+curr+"| "+line}).join("\n");throw err.path=filename,err.message=(filename||"ejs")+":"+lineno+"\n"+context+"\n\n"+err.message,err}var parse=exports.parse=function(str,options){var options=options||{},open=options.open||exports.open||"<%",close=options.close||exports.close||"%>",buf=["var buf = [];","\nwith (locals) {","\n buf.push('"],lineno=1,consumeEOL=!1;for(var i=0,len=str.length;i<len;++i)if(str.slice(i,open.length+i)==open){i+=open.length;var prefix,postfix,line="__stack.lineno="+lineno;switch(str.substr(i,1)){case"=":prefix="', escape(("+line+", ",postfix=")), '",++i;break;case"-":prefix="', ("+line+", ",postfix="), '",++i;break;default:prefix="');"+line+";",postfix="; buf.push('"}var end=str.indexOf(close,i),js=str.substring(i,end),start=i,n=0;"-"==js[js.length-1]&&(js=js.substring(0,js.length-2),consumeEOL=!0);while(~(n=js.indexOf("\n",n)))n++,lineno++;js.substr(0,1)==":"&&(js=filtered(js)),buf.push(prefix,js,postfix),i+=end-start+close.length-1}else str.substr(i,1)=="\\"?buf.push("\\\\"):str.substr(i,1)=="'"?buf.push("\\'"):str.substr(i,1)=="\r"?buf.push(" "):str.substr(i,1)=="\n"?consumeEOL?consumeEOL=!1:(buf.push("\\n"),lineno++):buf.push(str.substr(i,1));return buf.push("');\n}\nreturn buf.join('');"),buf.join("")},compile=exports.compile=function(str,options){options=options||{};var input=JSON.stringify(str),filename=options.filename?JSON.stringify(options.filename):"undefined";str=["var __stack = { lineno: 1, input: "+input+", filename: "+filename+" };",rethrow.toString(),"try {",exports.parse(str,options),"} catch (err) {"," rethrow(err, __stack.input, __stack.filename, __stack.lineno);","}"].join("\n"),options.debug&&console.log(str);var fn=new Function("locals, filters, escape",str);return function(locals){return fn.call(this,locals,filters,utils.escape)}};exports.render=function(str,options){var fn,options=options||{};if(options.cache){if(!options.filename)throw new Error('"cache" option requires "filename".');fn=cache[options.filename]||(cache[options.filename]=compile(str,options))}else fn=compile(str,options);return options.__proto__=options.locals,fn.call(options.scope,options)},exports.renderFile=function(path,options,fn){var key=path+":string";"function"==typeof options&&(fn=options,options={}),options.filename=path;try{var str=options.cache?cache[key]||(cache[key]=fs.readFileSync(path,"utf8")):fs.readFileSync(path,"utf8");fn(null,exports.render(str,options))}catch(err){fn(err)}},exports.__express=exports.renderFile,require.extensions?require.extensions[".ejs"]=function(module,filename){source=require("fs").readFileSync(filename,"utf-8"),module._compile(compile(source,{}),filename)}:require.registerExtension&&require.registerExtension(".ejs",function(src){return compile(src,{})})}),require.register("filters.js",function(module,exports,require){exports.first=function(obj){return obj[0]},exports.last=function(obj){return obj[obj.length-1]},exports.capitalize=function(str){return str=String(str),str[0].toUpperCase()+str.substr(1,str.length)},exports.downcase=function(str){return String(str).toLowerCase()},exports.upcase=function(str){return String(str).toUpperCase()},exports.sort=function(obj){return Object.create(obj).sort()},exports.sort_by=function(obj,prop){return Object.create(obj).sort(function(a,b){return a=a[prop],b=b[prop],a>b?1:a<b?-1:0})},exports.size=exports.length=function(obj){return obj.length},exports.plus=function(a,b){return Number(a)+Number(b)},exports.minus=function(a,b){return Number(a)-Number(b)},exports.times=function(a,b){return Number(a)*Number(b)},exports.divided_by=function(a,b){return Number(a)/Number(b)},exports.join=function(obj,str){return obj.join(str||", ")},exports.truncate=function(str,len){return str=String(str),str.substr(0,len)},exports.truncate_words=function(str,n){var str=String(str),words=str.split(/ +/);return words.slice(0,n).join(" ")},exports.replace=function(str,pattern,substitution){return String(str).replace(pattern,substitution||"")},exports.prepend=function(obj,val){return Array.isArray(obj)?[val].concat(obj):val+obj},exports.append=function(obj,val){return Array.isArray(obj)?obj.concat(val):obj+val},exports.map=function(arr,prop){return arr.map(function(obj){return obj[prop]})},exports.reverse=function(obj){return Array.isArray(obj)?obj.reverse():String(obj).split("").reverse().join("")},exports.get=function(obj,prop){return obj[prop]},exports.json=function(obj){return JSON.stringify(obj)}}),require.register("utils.js",function(module,exports,require){exports.escape=function(html){return String(html).replace(/&(?!\w+;)/g,"&").replace(/</g,"<").replace(/>/g,">").replace(/"/g,""")}}),require("ejs")}(); | ||
ejs=function(){function require(p){if("fs"==p)return{};if("path"==p)return{};var path=require.resolve(p),mod=require.modules[path];if(!mod)throw new Error('failed to require "'+p+'"');if(!mod.exports){mod.exports={};mod.call(mod.exports,mod,mod.exports,require.relative(path))}return mod.exports}require.modules={};require.resolve=function(path){var orig=path,reg=path+".js",index=path+"/index.js";return require.modules[reg]&®||require.modules[index]&&index||orig};require.register=function(path,fn){require.modules[path]=fn};require.relative=function(parent){return function(p){if("."!=p.substr(0,1))return require(p);var path=parent.split("/"),segs=p.split("/");path.pop();for(var i=0;i<segs.length;i++){var seg=segs[i];if(".."==seg)path.pop();else if("."!=seg)path.push(seg)}return require(path.join("/"))}};require.register("ejs.js",function(module,exports,require){var utils=require("./utils"),path=require("path"),dirname=path.dirname,extname=path.extname,join=path.join,fs=require("fs"),read=fs.readFileSync;var filters=exports.filters=require("./filters");var cache={};exports.clearCache=function(){cache={}};function filtered(js){return js.substr(1).split("|").reduce(function(js,filter){var parts=filter.split(":"),name=parts.shift(),args=parts.join(":")||"";if(args)args=", "+args;return"filters."+name+"("+js+args+")"})}function rethrow(err,str,filename,lineno){var lines=str.split("\n"),start=Math.max(lineno-3,0),end=Math.min(lines.length,lineno+3);var context=lines.slice(start,end).map(function(line,i){var curr=i+start+1;return(curr==lineno?" >> ":" ")+curr+"| "+line}).join("\n");err.path=filename;err.message=(filename||"ejs")+":"+lineno+"\n"+context+"\n\n"+err.message;throw err}var parse=exports.parse=function(str,options){var options=options||{},open=options.open||exports.open||"<%",close=options.close||exports.close||"%>",filename=options.filename,compileDebug=options.compileDebug!==false,buf="";buf+="var buf = [];";if(false!==options._with)buf+="\nwith (locals || {}) { (function(){ ";buf+="\n buf.push('";var lineno=1;var consumeEOL=false;for(var i=0,len=str.length;i<len;++i){var stri=str[i];if(str.slice(i,open.length+i)==open){i+=open.length;var prefix,postfix,line=(compileDebug?"__stack.lineno=":"")+lineno;switch(str[i]){case"=":prefix="', escape(("+line+", ";postfix=")), '";++i;break;case"-":prefix="', ("+line+", ";postfix="), '";++i;break;default:prefix="');"+line+";";postfix="; buf.push('"}var end=str.indexOf(close,i),js=str.substring(i,end),start=i,include=null,n=0;if("-"==js[js.length-1]){js=js.substring(0,js.length-2);consumeEOL=true}if(0==js.trim().indexOf("include")){var name=js.trim().slice(7).trim();if(!filename)throw new Error("filename option is required for includes");var path=resolveInclude(name,filename);include=read(path,"utf8");include=exports.parse(include,{filename:path,_with:false,open:open,close:close,compileDebug:compileDebug});buf+="' + (function(){"+include+"})() + '";js=""}while(~(n=js.indexOf("\n",n)))n++,lineno++;if(js.substr(0,1)==":")js=filtered(js);if(js){if(js.lastIndexOf("//")>js.lastIndexOf("\n"))js+="\n";buf+=prefix;buf+=js;buf+=postfix}i+=end-start+close.length-1}else if(stri=="\\"){buf+="\\\\"}else if(stri=="'"){buf+="\\'"}else if(stri=="\r"){}else if(stri=="\n"){if(consumeEOL){consumeEOL=false}else{buf+="\\n";lineno++}}else{buf+=stri}}if(false!==options._with)buf+="'); })();\n} \nreturn buf.join('');";else buf+="');\nreturn buf.join('');";return buf};var compile=exports.compile=function(str,options){options=options||{};var escape=options.escape||utils.escape;var input=JSON.stringify(str),compileDebug=options.compileDebug!==false,client=options.client,filename=options.filename?JSON.stringify(options.filename):"undefined";if(compileDebug){str=["var __stack = { lineno: 1, input: "+input+", filename: "+filename+" };",rethrow.toString(),"try {",exports.parse(str,options),"} catch (err) {"," rethrow(err, __stack.input, __stack.filename, __stack.lineno);","}"].join("\n")}else{str=exports.parse(str,options)}if(options.debug)console.log(str);if(client)str="escape = escape || "+escape.toString()+";\n"+str;try{var fn=new Function("locals, filters, escape, rethrow",str)}catch(err){if("SyntaxError"==err.name){err.message+=options.filename?" in "+filename:" while compiling ejs"}throw err}if(client)return fn;return function(locals){return fn.call(this,locals,filters,escape,rethrow)}};exports.render=function(str,options){var fn,options=options||{};if(options.cache){if(options.filename){fn=cache[options.filename]||(cache[options.filename]=compile(str,options))}else{throw new Error('"cache" option requires "filename".')}}else{fn=compile(str,options)}options.__proto__=options.locals;return fn.call(options.scope,options)};exports.renderFile=function(path,options,fn){var key=path+":string";if("function"==typeof options){fn=options,options={}}options.filename=path;var str;try{str=options.cache?cache[key]||(cache[key]=read(path,"utf8")):read(path,"utf8")}catch(err){fn(err);return}fn(null,exports.render(str,options))};function resolveInclude(name,filename){var path=join(dirname(filename),name);var ext=extname(name);if(!ext)path+=".ejs";return path}exports.__express=exports.renderFile;if(require.extensions){require.extensions[".ejs"]=function(module,filename){filename=filename||module.filename;var options={filename:filename,client:true},template=fs.readFileSync(filename).toString(),fn=compile(template,options);module._compile("module.exports = "+fn.toString()+";",filename)}}else if(require.registerExtension){require.registerExtension(".ejs",function(src){return compile(src,{})})}});require.register("filters.js",function(module,exports,require){exports.first=function(obj){return obj[0]};exports.last=function(obj){return obj[obj.length-1]};exports.capitalize=function(str){str=String(str);return str[0].toUpperCase()+str.substr(1,str.length)};exports.downcase=function(str){return String(str).toLowerCase()};exports.upcase=function(str){return String(str).toUpperCase()};exports.sort=function(obj){return Object.create(obj).sort()};exports.sort_by=function(obj,prop){return Object.create(obj).sort(function(a,b){a=a[prop],b=b[prop];if(a>b)return 1;if(a<b)return-1;return 0})};exports.size=exports.length=function(obj){return obj.length};exports.plus=function(a,b){return Number(a)+Number(b)};exports.minus=function(a,b){return Number(a)-Number(b)};exports.times=function(a,b){return Number(a)*Number(b)};exports.divided_by=function(a,b){return Number(a)/Number(b)};exports.join=function(obj,str){return obj.join(str||", ")};exports.truncate=function(str,len,append){str=String(str);if(str.length>len){str=str.slice(0,len);if(append)str+=append}return str};exports.truncate_words=function(str,n){var str=String(str),words=str.split(/ +/);return words.slice(0,n).join(" ")};exports.replace=function(str,pattern,substitution){return String(str).replace(pattern,substitution||"")};exports.prepend=function(obj,val){return Array.isArray(obj)?[val].concat(obj):val+obj};exports.append=function(obj,val){return Array.isArray(obj)?obj.concat(val):obj+val};exports.map=function(arr,prop){return arr.map(function(obj){return obj[prop]})};exports.reverse=function(obj){return Array.isArray(obj)?obj.reverse():String(obj).split("").reverse().join("")};exports.get=function(obj,prop){return obj[prop]};exports.json=function(obj){return JSON.stringify(obj)}});require.register("utils.js",function(module,exports,require){exports.escape=function(html){return String(html).replace(/&(?!#?[a-zA-Z0-9]+;)/g,"&").replace(/</g,"<").replace(/>/g,">").replace(/'/g,"'").replace(/"/g,""")}});return require("ejs")}(); |
0.8.5 / 2013-11-21 | ||
================== | ||
* fix: Escape apostrophe & don't over-match existing entities | ||
* fix function name changed by uglify | ||
* fixes require, closes #78 | ||
0.8.4 / 2013-05-08 | ||
@@ -3,0 +10,0 @@ ================== |
@@ -14,3 +14,2 @@ | ||
, path = require('path') | ||
, basename = path.basename | ||
, dirname = path.dirname | ||
@@ -115,7 +114,7 @@ , extname = path.extname | ||
, compileDebug = options.compileDebug !== false | ||
, buf = []; | ||
, buf = ""; | ||
buf.push('var buf = [];'); | ||
if (false !== options._with) buf.push('\nwith (locals || {}) { (function(){ '); | ||
buf.push('\n buf.push(\''); | ||
buf += 'var buf = [];'; | ||
if (false !== options._with) buf += '\nwith (locals || {}) { (function(){ '; | ||
buf += '\n buf.push(\''; | ||
@@ -126,2 +125,3 @@ var lineno = 1; | ||
for (var i = 0, len = str.length; i < len; ++i) { | ||
var stri = str[i]; | ||
if (str.slice(i, open.length + i) == open) { | ||
@@ -131,3 +131,3 @@ i += open.length | ||
var prefix, postfix, line = (compileDebug ? '__stack.lineno=' : '') + lineno; | ||
switch (str.substr(i, 1)) { | ||
switch (str[i]) { | ||
case '=': | ||
@@ -165,3 +165,3 @@ prefix = "', escape((" + line + ', '; | ||
include = exports.parse(include, { filename: path, _with: false, open: open, close: close, compileDebug: compileDebug }); | ||
buf.push("' + (function(){" + include + "})() + '"); | ||
buf += "' + (function(){" + include + "})() + '"; | ||
js = ''; | ||
@@ -174,28 +174,29 @@ } | ||
if (js.lastIndexOf('//') > js.lastIndexOf('\n')) js += '\n'; | ||
buf.push(prefix, js, postfix); | ||
buf += prefix; | ||
buf += js; | ||
buf += postfix; | ||
} | ||
i += end - start + close.length - 1; | ||
} else if (str.substr(i, 1) == "\\") { | ||
buf.push("\\\\"); | ||
} else if (str.substr(i, 1) == "'") { | ||
buf.push("\\'"); | ||
} else if (str.substr(i, 1) == "\r") { | ||
} else if (stri == "\\") { | ||
buf += "\\\\"; | ||
} else if (stri == "'") { | ||
buf += "\\'"; | ||
} else if (stri == "\r") { | ||
// ignore | ||
} else if (str.substr(i, 1) == "\n") { | ||
} else if (stri == "\n") { | ||
if (consumeEOL) { | ||
consumeEOL = false; | ||
} else { | ||
buf.push("\\n"); | ||
buf += "\\n"; | ||
lineno++; | ||
} | ||
} else { | ||
buf.push(str.substr(i, 1)); | ||
buf += stri; | ||
} | ||
} | ||
if (false !== options._with) buf.push("'); })();\n} \nreturn buf.join('');") | ||
else buf.push("');\nreturn buf.join('');"); | ||
return buf.join(''); | ||
if (false !== options._with) buf += "'); })();\n} \nreturn buf.join('');"; | ||
else buf += "');\nreturn buf.join('');"; | ||
return buf; | ||
}; | ||
@@ -242,3 +243,3 @@ | ||
try { | ||
var fn = new Function('locals, filters, escape', str); | ||
var fn = new Function('locals, filters, escape, rethrow', str); | ||
} catch (err) { | ||
@@ -256,3 +257,3 @@ if ('SyntaxError' == err.name) { | ||
return function(locals){ | ||
return fn.call(this, locals, filters, escape); | ||
return fn.call(this, locals, filters, escape, rethrow); | ||
} | ||
@@ -353,5 +354,8 @@ }; | ||
if (require.extensions) { | ||
require.extensions['.ejs'] = function(module, filename) { | ||
source = require('fs').readFileSync(filename, 'utf-8'); | ||
module._compile(compile(source, {}), filename); | ||
require.extensions['.ejs'] = function (module, filename) { | ||
filename = filename || module.filename; | ||
var options = { filename: filename, client: true } | ||
, template = fs.readFileSync(filename).toString() | ||
, fn = compile(template, options); | ||
module._compile('module.exports = ' + fn.toString() + ';', filename); | ||
}; | ||
@@ -358,0 +362,0 @@ } else if (require.registerExtension) { |
@@ -1,2 +0,1 @@ | ||
/*! | ||
@@ -122,5 +121,9 @@ * EJS - Filters | ||
exports.truncate = function(str, len){ | ||
exports.truncate = function(str, len, append){ | ||
str = String(str); | ||
return str.substr(0, len); | ||
if (str.length > len) { | ||
str = str.slice(0, len); | ||
if (append) str += append; | ||
} | ||
return str; | ||
}; | ||
@@ -199,2 +202,2 @@ | ||
return JSON.stringify(obj); | ||
}; | ||
}; |
@@ -18,7 +18,8 @@ | ||
return String(html) | ||
.replace(/&(?!\w+;)/g, '&') | ||
.replace(/&(?!#?[a-zA-Z0-9]+;)/g, '&') | ||
.replace(/</g, '<') | ||
.replace(/>/g, '>') | ||
.replace(/'/g, ''') | ||
.replace(/"/g, '"'); | ||
}; | ||
{ | ||
"name": "ejs", | ||
"description": "Embedded JavaScript templates", | ||
"version": "0.8.4", | ||
"version": "0.8.5", | ||
"author": "TJ Holowaychuk <tj@vision-media.ca>", | ||
@@ -6,0 +6,0 @@ "keywords": ["template", "engine", "ejs"], |
@@ -124,2 +124,3 @@ | ||
if ('fs' == p) return {}; | ||
if ('path' == p) return {}; | ||
var path = require.resolve(p) | ||
@@ -126,0 +127,0 @@ , mod = require.modules[path]; |
@@ -132,6 +132,22 @@ /** | ||
describe('<%=', function(){ | ||
it('should escape', function(){ | ||
it('should escape <script>', function(){ | ||
ejs.render('<%= name %>', { name: '<script>' }) | ||
.should.equal('<script>'); | ||
}) | ||
it("should escape '", function(){ | ||
ejs.render('<%= name %>', { name: "The Jones's" }) | ||
.should.equal('The Jones's'); | ||
}) | ||
it("shouldn't escape &", function(){ | ||
ejs.render('<%= name %>', { name: "Us & Them" }) | ||
.should.equal('Us & Them'); | ||
}) | ||
it("shouldn't escape ]", function(){ | ||
ejs.render('<%= name %>', { name: "The Jones's" }) | ||
.should.equal('The Jones's'); | ||
}) | ||
it("should escape &foo_bar;", function(){ | ||
ejs.render('<%= name %>', { name: "&foo_bar;" }) | ||
.should.equal('&foo_bar;'); | ||
}) | ||
}) | ||
@@ -200,2 +216,17 @@ | ||
it('should truncate string', function(){ | ||
ejs.render('<%=: word | truncate: 3 %>', { word: 'World' }) | ||
.should.equal('Wor'); | ||
}) | ||
it('should append string if string is longer', function(){ | ||
ejs.render('<%=: word | truncate: 2,"..." %>', { word: 'Testing' }) | ||
.should.equal('Te...'); | ||
}) | ||
it('should not append string if string is shorter', function(){ | ||
ejs.render('<%=: word | truncate: 10,"..." %>', { word: 'Testing' }) | ||
.should.equal('Testing'); | ||
}) | ||
it('should accept arguments containing :', function(){ | ||
@@ -268,1 +299,11 @@ ejs.render('<%=: users | map:"name" | join:"::" %>', { users: users }) | ||
}) | ||
describe('require', function() { | ||
it('should allow ejs templates to be required as node modules', function() { | ||
var file = 'test/fixtures/include.ejs' | ||
, template = require(__dirname + '/fixtures/menu.ejs'); | ||
template({ filename: file, pets: users }) | ||
.should.equal(fixture('menu.html')); | ||
}) | ||
}) |
Sorry, the diff of this file is not supported yet
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
58218
1458
21