_.each(keysToInject, function eachRelevantKey(key){ var unsafeVal = options.data[key]; // If this top-level key in the provided data is undefined, exclude it altogether. if (_.isUndefined(unsafeVal)) { return; } // Now, dive into `unsafeVal` and recursively HTML-escape any nested strings. // Then, compile the whole thing into a JavaScript string which will accurately // represent it as an r-value (watching out for circular refs along the way). var escapedData = rttc.compile(escapeHtmlEntitiesDeep(unsafeVal)); // If the `dontUnescapeOnClient` flag was set, then just stick the compiled, // still-HTML-escaped data in place. (It will have to be recursively unescaped // by hand in the app's custom client-side code!) if (options.dontUnescapeOnClient) { html += ''+key+': '+escapedData+','; } // Otherwise, we're including the client-side code to unescape the data, // so run our unescape function from above. else { html += ''+key+': unescape('+escapedData+'),'; } });
fn: function (inputs,exits) { var rttc = require('rttc'); return exits.success(rttc.compile(inputs.value)); }