spree / deface

Rails plugin that allows you to customize ERB views in a Rails application without editing the underlying view.
MIT License

A JavaScript error is reported on all overridden pages containing JavaScript with the characters (>, &, <) #230

Open mathieu-mbru opened 2 years ago

mathieu-mbru commented 2 years ago

Hello

A JavaScript error is reported on all overridden pages containing JavaScript with the characters (>, &, <). Example: [screenshots]

We have identified the cause that breaks the JavaScript code (which gets encoded). The cause is the following: the view source or partial, of type Nokogiri::HTML::DocumentFragment, encodes these characters when the method to_s is called in module Applicator, method apply_overrides, line 52 (source = doc.to_s): [screenshot]

Since we trust view files and partials, replacing this line:

    source = doc.to_s

with this one:

    source = doc.to_s.gsub('&lt;', '<').gsub('&gt;', '>').gsub('&amp;', '&')

makes the problem go away. A PR was opened on the subject: https://github.com/spree/deface/pull/229

Thank you for considering this update.

nanego commented 2 years ago

Hello @mathieu-mbru I managed to reproduce the issue. Here is a failing test. Please feel free to include it in your patch:

describe "source containing a javascript tag" do
  before { Deface::Override.new(:virtual_path => "posts/index",
                                :name => "Posts#index",
                                :remove => "p") }
  let(:source) { "<%= javascript_tag do %>if (y > 0) {y = 0;}<% end %>" }
  it "should return unmodified source" do
    expect(Dummy.apply(source, { :virtual_path => "posts/index" })).to eq("<%= javascript_tag do %>if (y > 0) {y = 0;}<% end %>")
  end
end

expected: "<%= javascript_tag do %>if (y > 0) {y = 0;}<% end %>"
     got: "<%= javascript_tag do %>if (y &gt; 0) {y = 0;}<% end %>"

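
As an added example (not deface's own code and not part of PR #229), the following Ruby reproduces the escaping shown in the failing spec above and then checks what the blanket gsub proposed in the issue does to a view that contains an entity on purpose. The ORIGINAL_VIEW and ESCAPED_VIEW strings are copied from the spec output; DOC_VIEW, the helper names and the double-encoded sample are constructed for this illustration; CGI.escapeHTML stands in for the Nokogiri to_s serialization so the snippet runs without Nokogiri installed:

```ruby
# Added example, not deface's code. Reproduces the '&gt;' escaping from the
# issue and checks the side effects of the proposed blanket unescape.
require 'cgi'

# Copied from the failing spec in the thread: what it expects and what it got.
ORIGINAL_VIEW = "<%= javascript_tag do %>if (y > 0) {y = 0;}<% end %>"
ESCAPED_VIEW  = "<%= javascript_tag do %>if (y &gt; 0) {y = 0;}<% end %>"

# Constructed view that shows an entity as visible text on purpose
# (for example a help page telling users not to paste markup).
DOC_VIEW = "<p>Never paste &lt;script&gt; into the comment box.</p>"

# The one-liner from PR #229, applied to the whole serialized document.
def blanket_unescape(source)
  source.gsub('&lt;', '<').gsub('&gt;', '>').gsub('&amp;', '&')
end

# Same replacements with '&amp;' handled first: this decodes two levels of
# encoding, which is why the PR's ordering (ampersand last) matters.
def amp_first_unescape(source)
  source.gsub('&amp;', '&').gsub('&lt;', '<').gsub('&gt;', '>')
end

# Mimic what an HTML serializer does to a text node. In the issue it is
# Nokogiri's to_s that turns '>' into '&gt;'; CGI.escapeHTML does the same
# for & < > (it also escapes quotes, which this snippet does not contain).
def serialize_text(text)
  CGI.escapeHTML(text)
end

# Count real markup tags so we can tell whether unescaping created new ones.
# ERB tags (<% ... %>) do not match because they start with '%', not a letter.
def tag_count(html)
  html.scan(%r{<[A-Za-z/][^>]*>}).size
end

# Summary of the effects, usable both as a demo and for assertions.
def report
  double_encoded = "&amp;lt;b&amp;gt;" # constructed: entity text that was itself escaped
  {
    spec_passes:     blanket_unescape(ESCAPED_VIEW) == ORIGINAL_VIEW,
    doc_tags_before: tag_count(DOC_VIEW),
    doc_tags_after:  tag_count(blanket_unescape(DOC_VIEW)),
    pr_order:        blanket_unescape(double_encoded),
    amp_first:       amp_first_unescape(double_encoded),
  }
end

puts report.inspect if __FILE__ == $0
```

The spec from the thread passes with the blanket replacement, but the same replacement turns `&lt;script&gt;` written as visible text into a real `<script>` tag (tag_count goes from 2 to 3), so any override applied to a view that intentionally displays markup changes that view's output. The replacement order also matters: handling `&amp;` last decodes exactly one level, while handling it first would decode `&amp;lt;b&amp;gt;` all the way to `<b>`.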
mathieu-mbru commented 2 years ago

Ok, thank you

salmanmp commented 1 year ago

Very good. Related to #224.