a javascript error is reported on all overrided pages containing javascript with charaters (>,&,<)

[mathieu-mbru]

Hello

a javascript error is reported on all overrided pages containing javascript with charaters (>,&,<)
Example



We have identified the cause that breaks the javascript code (which is encoded).
The cause is the following:
The view source or partial of type (Nokogiri::HTML::DocumentFragment) which encodes characters by calling the method to_s in (Module Applicator /method apply_overrides ) line 52 (source = doc.to_s) :

Since we trust views files and partials,
By replace this line :
source = doc.to_s
by this one :
source = doc.to_s.gsub('&lt;', '<').gsub('&gt;', '>').gsub('&amp;', '&')
The problem no longer exists
A PR was carried out on the subject #229
Thank you for considering this update.

[nanego]

Hello @mathieu-mbru
I managed to reproduce the issue.
Here is a failing test. Please feel free to include it in your patch:

describe "source containing a javascript tag" do
  before { Deface::Override.new(:virtual_path => "posts/index",
                                :name => "Posts#index",
                                :remove => "p") }
  let(:source) { "<%= javascript_tag do %>if (y > 0) {y = 0;}<% end %>" }
  it "should return unmodified source" do
    expect(Dummy.apply(source, { :virtual_path => "posts/index" })).to eq("<%= javascript_tag do %>if (y > 0) {y = 0;}<% end %>")
  end
end

expected: "<%= javascript_tag do %>if (y > 0) {y = 0;}<% end %>"
     got: "<%= javascript_tag do %>if (y &gt; 0) {y = 0;}<% end %>"

[mathieu-mbru]

Ok, thank you

[salmanmp]

very good. related to #224