diff --git a/CHANGELOG.md b/CHANGELOG.md index ec43480..c2228a7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,6 @@ * Add `getHeaderWithCredentials` for leverage cookie-based authentication in all API requests. Refs STUTL-32. * Add `getSourceSuppressor` to build action suppressor based on an entry sources. Refs STUTL-34. * *BREAKING* Bump `react` to `v18`. Refs STUTL-35. -* *BREAKING* `escapeCqlValue` escapes `" \ ^ * ?`. Refs STUTL-33. ## [5.2.1](https://github.com/folio-org/stripes-util/tree/v5.2.1) (2023-01-30) [Full Changelog](https://github.com/folio-org/stripes-util/compare/v5.2.0...v5.2.1) diff --git a/lib/escapeCqlValue.js b/lib/escapeCqlValue.js index 5509403..b06d083 100644 --- a/lib/escapeCqlValue.js +++ b/lib/escapeCqlValue.js @@ -1,11 +1,10 @@ /** - * Escape quote ("), backslash (\), caret(^), star (*) and question mark (?) - * characters in a string by pre-pending them with a single backslash. - * See https://www.loc.gov/standards/sru/cql/contextSets/theCqlContextSet.html + * Escape quote (") and backslash (\) characters in a string by pre-pending + * them with a single backslash. * * @param string a string - * @return string the input string with the five special CQL characters masked + * @return string the input string with quotes and backslashes escaped */ export default function escapeCqlValue(str) { - return str.replace(/["\\^*?]/g, c => '\\' + c); + return str.replace(/"|\\/g, c => '\\' + c); } diff --git a/lib/escapeCqlValue.test.js b/lib/escapeCqlValue.test.js index 4a0803c..2f90d1d 100644 --- a/lib/escapeCqlValue.test.js +++ b/lib/escapeCqlValue.test.js @@ -2,13 +2,19 @@ import { describe, expect, test } from '@jest/globals'; import escapeCqlValue from './escapeCqlValue'; -describe('escapeCqlValue masks all five CQL special characters', () => { - test.each([ - ['', ''], - ['foo_bar baz%', 'foo_bar baz%'], - ['f"o\\o^b*a?r', 'f\\"o\\\\o\\^b\\*a\\?r'], - ['?*^\\"??**^^\\\\""', '\\?\\*\\^\\\\\\"\\?\\?\\*\\*\\^\\^\\\\\\\\\\"\\"'], - ])('escapeCqlValue(%p) should be %p', (raw, expected) => { - expect(escapeCqlValue(raw)).toEqual(expected); +describe('correctly escapes CQL special characters', () => { + test('does not modify non-special strings', () => { + const str = 'abc'; + expect(escapeCqlValue(str)).toEqual(str); + }); + + test('escapes quote (") with a backslash', () => { + const str = 'a"b"c'; + expect(escapeCqlValue(str)).toEqual('a\\"b\\"c'); + }); + + test('escapes backslash (\\) with a backslash', () => { + const str = 'a\\b\\c'; + expect(escapeCqlValue(str)).toEqual('a\\\\b\\\\c'); }); });