Reviewers: felix8a,
Description:
Patch provided by Yonatan Offek in
<https://code.google.com/p/google-caja/issues/detail?id=1856>.
I have checked that the reuse of RegExp objects with the 'g' flag is
safe, because replace always resets lastIndex to 0 (according to the
ES5.1 spec).
Please review this at https://codereview.appspot.com/13396049/
Affected files (+4, -6 lines):
M src/com/google/caja/plugin/csslexer.js
Index: src/com/google/caja/plugin/csslexer.js
===================================================================
--- src/com/google/caja/plugin/csslexer.js (revision 5591)
+++ src/com/google/caja/plugin/csslexer.js (working copy)
@@ -207,13 +207,13 @@
BOM, UNICODE_RANGE, URI, FUNCTION, WORD_TERM, STRING, NUMERIC_VALUE,
CDO, CDC, S, COMMENT, CMP_OPS, CHAR].join("|"), 'gi');
+ var CSS_DECODER = new RegExp('\\\\(?:' + ESCAPE_TAIL + '|' + NL
+ ')', 'g');
+ var URL_RE = new RegExp('^url\\(' + W + '["\']?|["\']?' + W
+ '\\)$', 'gi');
/**
* Decodes CSS escape sequences in a CSS string body.
*/
decodeCss = function (css) {
- return css.replace(
- new RegExp('\\\\(?:' + ESCAPE_TAIL + '|' + NL + ')', 'g'),
- decodeCssEscape);
+ return css.replace(CSS_DECODER, decodeCssEscape);
};
/**
@@ -254,9 +254,7 @@
// Make sure that all url(...)s are double quoted.
: /url\(/i.test(tok)
? 'url(' + escapeCssString(
- tok.replace(
- new RegExp('^url\\(' + W + '["\']?|["\']?' + W
+ '\\)$', 'gi'),
- ''),
+ tok.replace(URL_RE, ''),
escapeCssUrlChar)
+ ')'
// Escapes in identifier like tokens will have been normalized
above.
--
---
You received this message because you are subscribed to the Google Groups "Google Caja Discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
