Description
The JavaDoc for org.apache.wicket.util.string.JavascriptUtils.escapeQuotes(CharSequence) states:
"Escape quotes and double quotes so that they can be part of e.g. an alert call."
But the actual implementation only escapes quotes:
CharSequence s = input;
if (s != null)
{
s = Strings.replaceAll(s, "'", "
'");
}
return s;
Either the javadoc must be amended or the implementation must also escape double quotes which probably would be the better choice as alerts can both specified using single or double quotes.