0

A guy I'm helping out is using an ecommerce CMS (CSCart). Their code is escapes single quotes for security reasons I presume (I'm not very good with js).

<script>
function share_click()
{

  RPXNOW.loadAndRun(['Social'], function () {  <--- This line gets escaped around social
    var activity = new RPXNOW.Social.Activity(
       "Share your comment",
       "commented on 'Like My New Perfume?' on cuteoverload.com",  <--- This line as well
       "http://cuteoverload.com/2009/10/26/like-my-new-perfume/");

    RPXNOW.Social.publishActivity(activity,
      {finishCallback:function(data){
        window.location = "http://google.com/"
      }
    });
  });

}
</script>

Any ideas how I can work around this?

Kyle Parisi
  • 1,316
  • 1
  • 11
  • 14

3 Answers3

0

Try using :

 &apos;

instead of '

Or as someone else had commented the \' usually keeps the apostrophe from breaking.

jveselka
  • 88
  • 6
0

try

<script>
function share_click() {
  var arr = ["Social"];

  RPXNOW.loadAndRun(arr, function () {  
    var activity = new RPXNOW.Social.Activity(
       "Share your comment",
       "commented on `Like My New Perfume?` on cuteoverload.com",  
       "http://cuteoverload.com/2009/10/26/like-my-new-perfume/");

    RPXNOW.Social.publishActivity(activity,
      {finishCallback:function(data){
        window.location = "http://google.com/"
      }
    });
  });

}
</script>
mplungjan
  • 169,008
  • 28
  • 173
  • 236
0

Just use double quotes. If your example is accurate, the double quotes around "http://google.com/" don't get escaped, right? So, problem solved.

And as to the single quotes inside the double-quoted string, do these cause problems if they're escaped? I tried, but I can't find a difference in behaviour whether those inner quotes are escaped or not.

Mr Lister
  • 45,515
  • 15
  • 108
  • 150