JSON in Ruby
-
@myhand said:
method strips all \ characters from its arguments as it passes it into JavaScript. I think it is because it does a eval() call on the JS.
Almost - it injects a SCRIPT element in the webdialog - does pretty much the same thing.
So when you pass data to the WebDialog and something is amiss - check the string you're sending to the WebDialog - is it valid? What throws people off is that you have the quoting needed to create the Ruby string with the JS - and within the JS string you need to follow JS's own quoting and escaping rules.(Because execute_script adds a SCRIPT element for every call I prefer to remove the SCRIPT element on the JS side afterwards - as I don't like the idea of the DOM tree flooded with SCRIPT elements. I've yet to experience problems with it - but there's something about it that makes my OCD-nerve tingle.)
-
@aerilius said:
=> So finally this means we need double escaping on the Ruby side!
%(#000000)["alert('C:\\\\users')"] # Ruby string
I am sure I tried this last night, but will do some further tests again tonight.
@aerilius said:
In order to get control of such errors, we could send the code as a JavaScript string and eval() it:
%(#000000)[webdialog.execute_script("try{eval(\"}bad_$yn7aX{\")}catch(e){}")]
[/size]Nice idea, I might use this going forward.
@aerilius said:
please take a look and make use of the WebDialogX project.
I cannot access the content. I get "You do not have access to the wiki." message, even after I have registered.
-
@myhand said:
@aerilius said:
please take a look and make use of the WebDialogX project.
I cannot access the content. I get "You do not have access to the wiki." message, even after I have registered.
Sorry, it is a 5-slot private repository at this time, and we really need very experienced Rubyists for the slots.
And you are kinda re-inventing the wheel. Js has
%(#8000BF)[escape()]
and%(#8000BF)[unescape()]
, and Ruby has them in theURI
library.See topic: http://sketchucation.com/forums/viewtopic.php?f=180&t=49183#p442102
In fact I would vote for Ruby's
URI::Escape
module to be mixed into the SketchUp APIUI::WebDialog
class. -
@dan rathbun said:
Sorry, it is a 5-slot private repository at this time, and we really need very experienced Rubyists for the slots.
No problem Dan, I only looked there as Aerilius recommended I do so.
@dan rathbun said:
And you are kinda re-inventing the wheel. Js has
%(#8000BF)[escape()]
and%(#8000BF)[unescape()]
, and Ruby has them in theURI
library.See topic: http://sketchucation.com/forums/viewtopic.php?f=180&t=49183#p442102
In fact I would vote for Ruby's
URI::Escape
module to be mixed into the SketchUp APIUI::WebDialog
class.Thank you, I will try the URI library (I already use escape() in my latest JS code). I do not really want to reinvent the wheel, hence me asking the question here.
-
@aerilius said:
- You need to escape \ characters in the double-quoted javascript code that you want to bring into the webdialog (this first escaping is what makes a valid Ruby string).
%(#000000)["alert('C:\users')"] # bad Ruby string
%(#000000)["alert('C:\\users')"] # good Ruby string
- In the webdialog, the string arrives written in a script element. As always, the same escaping rules apply again:
%(#000000)[alert('C:\users')] // bad JavaScript code
%(#000000)[alert('C:\\users')] // good JavaScript code
=> So finally this means we need double escaping on the Ruby side!
%(#000000)["alert('C:\\\\users')"] # Ruby string
Thanks for a very clear explanation. I tried this last night and it worked. Need 7 '''s for a "!
- You need to escape \ characters in the double-quoted javascript code that you want to bring into the webdialog (this first escaping is what makes a valid Ruby string).
-
-
@dan rathbun said:
And you are kinda re-inventing the wheel. Js has
%(#8000BF)[escape()]
and%(#8000BF)[unescape()]
, and Ruby has them in theURI
library.See topic: http://sketchucation.com/forums/viewtopic.php?f=180&t=49183#p442102
Thanks for this Dan! It works well, and I do not need to remember the number of slashes.
I see that escape() and unescape() are deprecated though and that you are recommended to use
decodeURI()
decodeURIComponent()
Which do you recommend or should I continue with unescape()?
-
@thomthom said:
@myhand said:
Need 7 '''s for a "!
What?
Sorry, meant you need
"a JSON escaped double quote need to be specified like this \\\\\\\" in Ruby for a WebDialog call"
to produce
"a JSON escaped double quote need to be specified like this \" in Ruby for a WebDialog call"
as the parameter of the JS function called.
-
Hmmm..
given a Js function named say()
.. and a Ruby string:
jarg = %q('a JSON escaped double quote need to be specified like this %q(\") in Ruby for a WebDialog call')
I usually do something like this:
dlg.execute_script("say(#{jarg});")
or I will leave the single quotes out of the jarg string, and put them in at the call ...
jarg = %q(a JSON escaped double quote need to be specified like this %q(\") in Ruby for a WebDialog call.)
dlg.execute_script( "say('" << jarg << "');" )
-
[quote="Myhand":31wco2xd]I see that
%(#8000BF)[escape()]
and%(#8000BF)[unescape()]
are deprecated (in Javascript,) though, and that you are recommending to use [them]
***%(#BF4000)[
@unknownuser said:]***
@unknownuser said:
](http://msdn.microsoft.com/en-us/library/dz4x90hk(v)":31wco2xd]The unescape function should not be used to decode Uniform Resource Identifiers (URI). Use decodeURI and decodeURIComponent functions instead.
%(#8000BF)[decodeURI()]
%(#8000BF)[decodeURIComponent()]
Which do you recommend or should I continue with
%(#8000BF)[unescape()]
?The old functions are ASCII, the new ones are Unicode.
Taking a look at the most recent released ECMA-262 (but not the latest proposed revision,) the old functions are no longer listed.
see: ECMA-262, 5.1, Global Object: 15.1.3 URI Handling Function Properties
ECMAScript Language Specification
Standard ECMA-262
5.1 Edition / June 2011Link to the downloadable PDF of the specification.
But you need to handle the situation where an older browser does not have these functions so, write a wrapper in JS:
var unesc = function(uri) { var test = false; if (typeof(decodeURI) == "function") test = true; return test ? decodeURI(uri) ; unescape(uri); }
Advertisement