From ff862612da52a995aeef9a1d7429faaf2a8d2c6c Mon Sep 17 00:00:00 2001
From: Robert Raposa <rraposa@edx.org>
Date: Fri, 20 May 2016 16:04:32 -0400
Subject: [PATCH] Fix false positives on javascript_contact_html.

---
 scripts/safe_template_linter.py            | 29 +++++++++++++++++++---
 scripts/tests/test_safe_template_linter.py | 10 ++++++++
 2 files changed, 35 insertions(+), 4 deletions(-)

diff --git a/scripts/safe_template_linter.py b/scripts/safe_template_linter.py
index dcb5ff10f7..f7c1cca6b4 100755
--- a/scripts/safe_template_linter.py
+++ b/scripts/safe_template_linter.py
@@ -1365,10 +1365,31 @@ class JavaScriptLinter(BaseLinter):
         """
         lines = StringLines(file_contents)
         last_expression = None
-        # attempt to match a string that starts with '<' or ends with '>'
-        regex_string_with_html = r"""["'](?:\s*<.*|.*>\s*)["']"""
-        regex_concat_with_html = r"(\+\s*{}|{}\s*\+)".format(regex_string_with_html, regex_string_with_html)
-        for match in re.finditer(regex_concat_with_html, file_contents):
+        # Match quoted strings that starts with '<' or ends with '>'.
+        regex_string_with_html = r"""
+            {quote}                             # Opening quote.
+                (
+                   \s*<                         # Starts with '<' (ignoring spaces)
+                   ([^{quote}]|[\\]{quote})*    # followed by anything but a closing quote.
+                |                               # Or,
+                   ([^{quote}]|[\\]{quote})*    # Anything but a closing quote
+                   >\s*                         # ending with '>' (ignoring spaces)
+                )
+            {quote}                             # Closing quote.
+        """
+        # Match single or double quote.
+        regex_string_with_html = "({}|{})".format(
+            regex_string_with_html.format(quote="'"),
+            regex_string_with_html.format(quote='"'),
+        )
+        # Match quoted HTML strings next to a '+'.
+        regex_concat_with_html = re.compile(
+            r"(\+\s*{string_with_html}|{string_with_html}\s*\+)".format(
+                string_with_html=regex_string_with_html,
+            ),
+            re.VERBOSE
+        )
+        for match in regex_concat_with_html.finditer(file_contents):
             found_new_violation = False
             if last_expression is not None:
                 last_line = lines.index_to_line_number(last_expression.start_index)
diff --git a/scripts/tests/test_safe_template_linter.py b/scripts/tests/test_safe_template_linter.py
index 01e744ed54..f2f4d22a10 100644
--- a/scripts/tests/test_safe_template_linter.py
+++ b/scripts/tests/test_safe_template_linter.py
@@ -1079,7 +1079,17 @@ class TestJavaScriptLinter(TestLinter):
     @data(
         {'template': 'var m = "Plain text " + message + "plain text"', 'rule': None},
         {'template': 'var m = "檌檒濦 " + message + "plain text"', 'rule': None},
+        {
+            'template':
+                ("""$email_header.append($('<input>', type: "button", name: "copy-email-body-text","""
+                 """ value: gettext("Copy Email To Editor"), id: 'copy_email_' + email_id))"""),
+            'rule': None
+        },
         {'template': 'var m = "<p>" + message + "</p>"', 'rule': Rules.javascript_concat_html},
+        {
+            'template': r'var m = "<p>\"escaped quote\"" + message + "\"escaped quote\"</p>"',
+            'rule': Rules.javascript_concat_html
+        },
         {'template': '  // var m = "<p>" + commentedOutMessage + "</p>"', 'rule': None},
         {'template': 'var m = " <p> " + message + " </p> "', 'rule': Rules.javascript_concat_html},
         {'template': 'var m = " <p> " + message + " broken string', 'rule': Rules.javascript_concat_html},