From 0ed5f8024883c722b50150577e8b6270a4544927 Mon Sep 17 00:00:00 2001 From: Tim de Koning Date: Thu, 9 Feb 2012 09:54:30 +0100 Subject: [PATCH] escape XML in SVG strings --- src/text.class.js | 4 ++-- src/util/lang_string.js | 16 ++++++++++++++-- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/src/text.class.js b/src/text.class.js index 6364b57e..0e1f88fb 100644 --- a/src/text.class.js +++ b/src/text.class.js @@ -328,7 +328,7 @@ toFixed(lineTopOffset + (i === 0 ? this._shadowOffsets[j][1] : 0), 2), '" ', this._getFillAttributes(this._shadows[j].color), '>', - textLines[i], + fabric.util.string.escapeXml(textLines[i]), ''); lineTopOffsetMultiplier = 1; } else { @@ -355,7 +355,7 @@ toFixed(lineTopOffset * lineTopOffsetMultiplier, 2) , '" ', // doing this on elements since setting opacity on containing one doesn't work in Illustrator this._getFillAttributes(this.fill), '>', - textLines[i], + fabric.util.string.escapeXml(textLines[i]), '' ); lineTopOffsetMultiplier = 1; diff --git a/src/util/lang_string.js b/src/util/lang_string.js index 663066d5..1687274f 100644 --- a/src/util/lang_string.js +++ b/src/util/lang_string.js @@ -1,3 +1,5 @@ +(function() { + if (!String.prototype.trim) { /** * Trims a string (removing whitespace from the beginning and the end) @@ -34,8 +36,18 @@ function capitalize(string) { return string.charAt(0).toUpperCase() + string.slice(1).toLowerCase(); } +function escapeXml(string) { + return string.replace('&', '&') + .replace('"', '"') + .replace("'", ''') + .replace("<", '<') + .replace(">", '>'); +} + /** @namespace */ fabric.util.string = { camelize: camelize, - capitalize: capitalize -}; \ No newline at end of file + capitalize: capitalize, + escapeXml: escapeXml +}; +}());