diff options
| -rw-r--r-- | libs/core/luasrc/util.lua | 33 | ||||
| -rw-r--r-- | libs/web/luasrc/sauth.lua | 1 | ||||
| -rw-r--r-- | libs/web/luasrc/template.lua | 6 |
3 files changed, 12 insertions, 28 deletions
diff --git a/libs/core/luasrc/util.lua b/libs/core/luasrc/util.lua index 2d821acff..48b6fa063 100644 --- a/libs/core/luasrc/util.lua +++ b/libs/core/luasrc/util.lua @@ -375,27 +375,14 @@ function clone(object, deep) return copy end --- Test whether the given table value is a numerically indexed table. -function _is_numeric_table(t) - local k = pairs(t)(t) - return ( tonumber(k) ~= nil ) -end - -- Serialize the contents of a table value. function _serialize_table(t) local data = "" - if _is_numeric_table(t) then - for i, v in ipairs(t) do - v = serialize_data(v) - data = data .. ( #data > 0 and ", " or "" ) .. v - end - else - for k, v in pairs(t) do - k = serialize_data(k) - v = serialize_data(v) - data = data .. ( #data > 0 and "; " or "" ) .. - '[' .. k .. '] = ' .. v - end + for k, v in pairs(t) do + k = serialize_data(k) + v = serialize_data(v) + data = data .. ( #data > 0 and ", " or "" ) .. + '[' .. k .. '] = ' .. v end return data end @@ -410,15 +397,13 @@ function serialize_data(val) if val == nil then return "nil" elseif type(val) == "number" then - return tostring(val) + return val elseif type(val) == "string" then - val = val:gsub("\\", "\\\\") - :gsub("\r", "\\r") - :gsub("\n", "\\n") - :gsub('"','\\"') - return '"' .. val .. '"' + return string.format("%q", val) elseif type(val) == "boolean" then return val and "true" or "false" + elseif type(val) == "function" then + return string.format("loadstring(%q)", get_bytecode(val)) elseif type(val) == "table" then return "{ " .. _serialize_table(val) .. " }" else diff --git a/libs/web/luasrc/sauth.lua b/libs/web/luasrc/sauth.lua index d838f84f6..fc4942b97 100644 --- a/libs/web/luasrc/sauth.lua +++ b/libs/web/luasrc/sauth.lua @@ -14,6 +14,7 @@ $Id$ ]]-- module("luci.sauth", package.seeall) require("luci.fs") +require("luci.util") require("luci.config") diff --git a/libs/web/luasrc/template.lua b/libs/web/luasrc/template.lua index dc0ccf620..12b80bec8 100644 --- a/libs/web/luasrc/template.lua +++ b/libs/web/luasrc/template.lua @@ -68,10 +68,8 @@ function compile(template) template = template:gsub("(%s*)<%%(%-?)(.-)(%-?)%%>(%s*)", expr_add) local function sanitize(s) - s = luci.util.escape(s) - s = luci.util.escape(s, "'") - s = luci.util.escape(s, "\n") - return s + s = string.format("%q", s) + return s:sub(2, #s-1) end -- Escape and sanitize all the template (all non-expressions) |