如何逃避Ruby中的单引号？

I am passing some JSON to a server via a script (not mine) that accepts the JSON as a string.

我通过脚本（不是我的）将一些JSON传递给服务器，该脚本接受JSON作为字符串。

Some of the content of the JSON contains single quotes so I want to ensure that any single quotes are escaped before being passed to the script.

JSON的某些内容包含单引号，因此我希望确保在传递给脚本之前对任何单引号进行转义。

I have tried the following:

我尝试过以下方法：

> irb
> 1.9.3p194 :001 > x = "that's an awesome string"
>  => "that's an awesome string" 
> 1.9.3p194 :002 > x.sub("'", "\'")
>  => "that's an awesome string" 
> 1.9.3p194 :003 > x.sub("'", "\\'")
>  => "thats an awesome strings an awesome string"

but can't seem to get the syntax right.

但似乎无法使语法正确。

4 个解决方案

#1

The reason sub("'", "\'") does not work is because "\'" is the same as "'". Within double quotes, escaping of a single quote is optional.

sub（“'”，“\”“）不起作用的原因是因为”\“与”'“相同。在双引号内，单引号的转义是可选的。

The reason sub("'", "\\'") does not work is because "\\'" expands to a backslash followed by a single quote. Within sub or gsub argument, a backslash followed by some characters have special meaning comparable to the corresponding global variable. Particularly in this case, the global variable $' holds the substring after the last matching point. Your "\\'" within sub or gsub argument position refers to a similar thing. In order to avoid this special convention, you should put the replacement string in a block instead of an argument, and since you want to match not just one, you should use gsub instead of sub:

sub（“'”，“\\'”）不起作用的原因是因为“\\'”扩展为反斜杠后跟单引号。在sub或gsub参数中，反斜杠后跟一些字符具有与相应的全局变量相当的特殊含义。特别是在这种情况下，全局变量$'在最后一个匹配点之后保存子字符串。 sub或gsub参数位置中的“\\”“指的是类似的东西。为了避免这种特殊约定，你应该将替换字符串放在一个块而不是一个参数中，并且由于你不想只匹配一个，你应该使用gsub而不是sub：

gsub("'"){"\\'"}

#2

Why aren't you using the JSON gem?

你为什么不使用JSON gem？

require 'json'
some_object = {'a string' => "this isn't escaped because JSON handles it.", 'b' => 2}

puts some_object.to_json
=> {"a string":"this isn't escaped because JSON handles it.","b":2}

And a round-trip example:

还有一个往返的例子：

require 'pp'
pp JSON[some_object.to_json]
=> {
    "a string" => "this isn't escaped because JSON handles it.",
        "b" => 2
}

And an example with double-quotes:

以及双引号的示例：

some_object = {
  'a string'       => "this isn't escaped because JSON handles it.",
  'another string' => 'double-quotes get "escaped"'
}
puts some_object.to_json
=> {
            "a string" => "this isn't escaped because JSON handles it.",
      "another string" => "double-quotes get \"escaped\""
  }

#3

It's likely that if you are trying to escape a single quote (apostrophe), you want to also escape double quotes. (This would apply for Javascript/JSON)

如果你试图逃避单引号（撇号），你可能也想逃避双引号。（这适用于Javascript / JSON）

The easiest way is to use escape_javascript http://api.rubyonrails.org/classes/ActionView/Helpers/JavaScriptHelper.html it "Escapes carriage returns and single and double quotes for JavaScript segments."

最简单的方法是使用escape_javascript http://api.rubyonrails.org/classes/ActionView/Helpers/JavaScriptHelper.html它“逃避回车以及JavaScript段的单引号和双引号”。

NOTE this works only for Ruby on Rails, not plain Ruby. However you can make a polyfill for plain Ruby using something like this:

注意这仅适用于Ruby on Rails，而不适用于纯Ruby。但是，您可以使用以下内容为纯Ruby创建polyfill：

JS_ESCAPE_MAP   =   { '\\' => '\\\\', '</' => '<\/', "\r\n" => '\n', "\n" => '\n', "\r" => '\n', '"' => '\\"', "'" => "\\'" }

def escape_javascript(javascript)
  if javascript
    result = javascript.gsub(/(\|<\/|\r\n|\342\200\250|\342\200\251|[\n\r"'])/u) {|match| JS_ESCAPE_MAP[match] }
  else
    ''
  end
end

#4

Try this way, use backslash to escape:

试试这种方法，使用反斜杠来逃避：

puts 'sean\'s'

output should be:

输出应该是：

sean's

#1