# HG changeset patch
# User jbe/bsw
# Date 1264959458 -3600
# Node ID 64f4540ce88c528511dd6e91f5a6474f18205d62
# Parent  f02e14d1e69e28d25f7aa9838ab98dec7b2b7080
CDATA-escaping with JavaScript comments for ui.script

diff -r f02e14d1e69e -r 64f4540ce88c framework/env/ui/script.lua
--- a/framework/env/ui/script.lua	Sun Jan 31 18:36:35 2010 +0100
+++ b/framework/env/ui/script.lua	Sun Jan 31 18:37:38 2010 +0100
@@ -7,12 +7,10 @@
   script        = script,         -- string or function for script content
 }
 
-This function is used to insert a script into the active slot. It is currently not XML compliant and the script must not contain a closing script tag.
+This function is used to insert a script into the active slot.
 
 --]]--
 
--- TODO: CDATA or SGML comment?
-
 function ui.script(args)
   local args = args or {}
   local noscript_attr = args.noscript_attr
@@ -20,12 +18,6 @@
   local attr = table.new(args.attr)
   attr.type = attr.type or args.type or "text/javascript"
   local script = args.script
-  if script and type(script) ~= "function" then
-    -- disable HTML entity escaping
-    script = function()
-      slot.put(args.script)
-    end
-  end
   if args.external then
     attr.src = encode.url{ external = args.external }
   elseif args.static then
@@ -37,6 +29,21 @@
   if attr.src then
     ui.tag{ tag = "script", attr = attr, content = "" }
   elseif script then
-    ui.tag{ tag = "script", attr = attr, content = script }
+    ui.tag{
+      tag  = "script",
+      attr = attr,
+      content = function()
+        slot.put("/* <![CDATA[ */")
+        local script_string
+        if type(script) == "function" then
+          script_string = slot.use_temporary(script)
+        else
+          script_string = script
+        end
+        -- Using double parenthesis in following command is important
+        slot.put((string.gsub(script_string, "]]>", "]]]]><![CDATA[>")))
+        slot.put("/* ]]> */")
+      end
+    }
   end
 end