From 28bc8d3c7b998ff468e2d74cc396d9edd72d32d7 Mon Sep 17 00:00:00 2001 From: "silver%warwickcompsoc.co.uk" Date: Mon, 23 Oct 2006 18:40:33 +0000 Subject: [PATCH] Bug 270302 - Escape CSV profiler output. JavaScript Debugger only. r=rginda git-svn-id: svn://10.0.0.236/trunk@214009 18797224-902f-48f8-a5cc-f745e15eee43 --- .../resources/content/venkman-profiler.js | 4 +++- .../venkman/resources/content/venkman-utils.js | 18 +++++++++++++++++- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/mozilla/extensions/venkman/resources/content/venkman-profiler.js b/mozilla/extensions/venkman/resources/content/venkman-profiler.js index be8f12cb6ff..569796e87f5 100644 --- a/mozilla/extensions/venkman/resources/content/venkman-profiler.js +++ b/mozilla/extensions/venkman/resources/content/venkman-profiler.js @@ -61,9 +61,11 @@ function ProfileReport (reportTemplate, file, rangeList, scriptInstanceList) this.scriptInstanceList = scriptInstanceList; this.key = "total"; - // Escape bad characters for HTML and XML profiles. + // Escape bad characters for HTML, XML and CSV profiles. if (/\.(html|xml)\.tpl$/.test(this.reportTemplate.__url__)) this.escape = safeHTML; + else if (/\.csv\.tpl$/.test(this.reportTemplate.__url__)) + this.escape = safeCSV; else this.escape = function _nop_escape(s) { return s }; } diff --git a/mozilla/extensions/venkman/resources/content/venkman-utils.js b/mozilla/extensions/venkman/resources/content/venkman-utils.js index b7d6db47e0e..98764a5504a 100644 --- a/mozilla/extensions/venkman/resources/content/venkman-utils.js +++ b/mozilla/extensions/venkman/resources/content/venkman-utils.js @@ -239,10 +239,26 @@ function safeHTML(str) return "?"; }; - + return String(str).replace(/[<>&"']/g, replaceChars); } +function safeCSV(str) +{ + function replaceChars(ch) + { + switch (ch) + { + case '"': + return '""'; + } + + return "?"; + } + + return '"' + String(str).replace(/"/g, replaceChars) + '"'; +} + function alert(msg, parent, title) { var PROMPT_CTRID = "@mozilla.org/embedcomp/prompt-service;1";