From 172dbf9faf4cb71dff72c77fdfe80fa1932d1ba3 Mon Sep 17 00:00:00 2001 From: Evan You Date: Tue, 29 Aug 2017 23:32:28 +0200 Subject: [PATCH] fix(ssr): should also escape static text content fix #6345 --- src/server/optimizing-compiler/codegen.js | 4 ++-- test/ssr/ssr-string.spec.js | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/src/server/optimizing-compiler/codegen.js b/src/server/optimizing-compiler/codegen.js index 4e0c6511b1e..f494f8fad0a 100644 --- a/src/server/optimizing-compiler/codegen.js +++ b/src/server/optimizing-compiler/codegen.js @@ -22,8 +22,8 @@ import { applyModelTransform } from './modules' +import { escape } from 'web/server/util' import { optimizability } from './optimizer' - import type { CodegenResult } from 'compiler/codegen/index' export type StringSegment = { @@ -222,7 +222,7 @@ function nodesToSegments ( } else if (c.type === 2) { segments.push({ type: INTERPOLATION, value: c.expression }) } else if (c.type === 3) { - segments.push({ type: RAW, value: c.text }) + segments.push({ type: RAW, value: escape(c.text) }) } } return segments diff --git a/test/ssr/ssr-string.spec.js b/test/ssr/ssr-string.spec.js index 24c20f9227f..683b905fda1 100644 --- a/test/ssr/ssr-string.spec.js +++ b/test/ssr/ssr-string.spec.js @@ -908,6 +908,15 @@ describe('SSR: renderToString', () => { done() }) }) + + it('should escape static strings', done => { + renderVmWithOptions(({ + template: `
<foo>
` + }), res => { + expect(res).toBe(`
<foo>
`) + done() + }) + }) }) function renderVmWithOptions (options, cb) {