python convert str to javascript literal string

Question

I want to use python to generate javascript code dynamiclly.

def convert(jsstring=''):
    return 'function dosomething () { return %s.toLowerCase(); }' % jsstring

The problem is jsstring is a python string.

How can i convert it back to javascript string literal to make dosomething a valid javascript function ?

for example

call

convert("javascript")

now output

 function dosomething () { return javascript.toLowerCase(); }

which is not a valid javascript function

expected output

 function dosomething () { return "javascript".toLowerCase(); }

another example, call

convert("javascript\'")

expected output

 function dosomething () { return "javascript\'".toLowerCase(); }

Thanks a lot.

what is "python string lexical"?

Hamish
– Hamish

2012-05-01 08:36:11 +00:00
Commented May 1, 2012 at 8:36 — Hamish
– Hamish, Commented May 1, 2012 at 8:36

georg · Accepted Answer · 2012-05-01 08:59:09Z

3

You want json:

import json

jsstring = """
    foo "bar"
"""

print 'function dosomething () { return %s.toLowerCase(); }' % json.dumps(jsstring)

Suggested repr won't work with unicode strings:

jsstring = u"\u1234"
print 'function dosomething () { return %s.toLowerCase(); }' % repr(jsstring)

returns

function dosomething () { return u'\u1234'.toLowerCase(); }

which is not valid javascript.

edited May 1, 2012 at 8:59

answered May 1, 2012 at 8:50

georg

216k57 gold badges324 silver badges401 bronze badges

Sign up to request clarification or add additional context in comments.

2 Comments

rubik Over a year ago

Using json here just for string quoting is a bit of an overkill.

georg Over a year ago

@CiroSantilli: json.dumps uses ensure_ascii=True by default, so weird unicodes are not an issue.

Eli Bendersky · Accepted Answer · 2012-05-01 08:40:18Z

2

How about adding appropriate quotes around %s, i.e.:

'function dosomething () { return "%s".toLowerCase(); }' % jsstring

Here's a command-line session to clarify the difference:

In [10]: joe = 'somestring'

In [11]: '%s.toLowerCase();' % joe
Out[11]: 'somestring.toLowerCase();'

In [12]: '"%s".toLowerCase();' % joe
Out[12]: '"somestring".toLowerCase();'

answered May 1, 2012 at 8:40

Eli Bendersky

276k92 gold badges371 silver badges427 bronze badges

1 Comment

wukong Over a year ago

not that simple. how about convert("javascript\'"). the return will be 'javascript ''.toLowerCase(); it illegal in javascript

Hamish · Accepted Answer · 2012-05-01 08:40:35Z

2

Step through your code:

def convert(jsstring=''):
    return 'function dosomething () { return %s.toLowerCase(); }' % jsstring

Now, if jsstring is "Foo", what does it produce?

function dosomething () { return Foo.toLowerCase(); }

Of course this will fail. There is no variable called Foo set in the javascript function.

In all likelihood, you wanted a string literal:

def convert(jsstring=''):
    return 'function dosomething () { return "%s".toLowerCase(); }' % jsstring

Of course, you'll need to make sure nothing goes wrong if jsstring includes quotes, linebreaks and other sensitive characters. I'll leave that to you.

answered May 1, 2012 at 8:40

Hamish

23.4k8 gold badges57 silver badges67 bronze badges

1 Comment

Hamish Over a year ago

should get them on the right track. Don't have unlimited time.

rubik · Accepted Answer · 2012-05-01 09:03:56Z

2

Use repr inside string interpolation:

>>> 'This is a string: %r' % ('python string')
'This is a string: "python string"'

So just replace %s with %r in your code. repr() will do the work for you.

edited May 1, 2012 at 9:03

answered May 1, 2012 at 8:55

rubik

9,18410 gold badges65 silver badges94 bronze badges

Comments

ninjagecko · Accepted Answer · 2012-05-01 08:54:03Z

1

Use repr, or else your string will not work if it contains " or '. For example:

... % repr(jsstring)

Failure to use repr may also be a security vulnerability (via injection of " or ' or other characters). Failure to use repr may also cause your javascript to fail if your string contains those characters. Though if security is a concern, you will also want to avoid text like </script>, and other things, by putting it through a proper escaping system, or encode it in something like base64.

edited May 1, 2012 at 8:54

answered May 1, 2012 at 8:48

ninjagecko

91.5k24 gold badges143 silver badges153 bronze badges

Comments

Abhijit · Accepted Answer · 2012-05-01 08:54:45Z

You better quote the string appropriately what ever you are passing to the function. This will keep things simple

For the example mentioned

>>> convert('"javascript"')
'function dosomething () { return "javascript".toLowerCase(); }'

And if you want to pass a quoted string, escape it appropiately

>>> print convert("\"javascript\"\"")
function dosomething () { return "javascript"".toLowerCase(); }

And remember if you want the raw representation, always use repr, you will get what you are intending

>>> repr(convert("\"javascript\"\""))
'\'function dosomething () { return "javascript"".toLowerCase(); }\''

or to keep it transparent, add the repr inside the function.

>>> def convert(jsstring=''):
    return repr('function dosomething () { return %s.toLowerCase(); }' % jsstring)

>>> convert("\"javascript\"\"")
'\'function dosomething () { return "javascript"".toLowerCase(); }\''

Collectives™ on Stack Overflow

python convert str to javascript literal string

6 Answers 6

2 Comments

1 Comment

1 Comment

Comments

Comments

Comments

Your Answer

Hot Network Questions

Collectives™ on Stack Overflow

6 Answers 6

2 Comments

1 Comment

1 Comment

Comments

Comments

Comments

Your Answer

Sign up or log in

Post as a guest

Related