Fix code scanning alert no. 5: Incomplete string escaping or encoding

Konstantin Dinev · github-advanced-security[bot] · web-flow · commit 95d8cba4f29f · 2024-11-15T10:49:30.000+02:00
Co-authored-by: Copilot Autofix powered by AI &lt;62310815+github-advanced-security[bot]@users.noreply.github.com&gt;
diff --git a/src/js/modules/infragistics.templating.js b/src/js/modules/infragistics.templating.js
@@ -186,8 +186,9 @@
 				    splitName = tempToken[ 1 ].split(".");
 
 					// K.D. September 25th, 2012 Bug #122463 The property can contain $ in its name.
-					template = template.replace(new RegExp("\\$\\{" + tempToken[ 1 ].replace(/\$/g, "\\$") + "\\}", "g"), "");
-					tempToken[ 3 ] = new RegExp("\\$\\{" + tempToken[ 1 ].replace(/\$/g, "\\$")  + "\\}", "g");
+					tempToken[ 1 ] = tempToken[ 1 ].replace(/\\/g, "\\\\").replace(/\$/g, "\\$");
+					template = template.replace(new RegExp("\\$\\{" + tempToken[ 1 ] + "\\}", "g"), "");
+					tempToken[ 3 ] = new RegExp("\\$\\{" + tempToken[ 1 ] + "\\}", "g");
 					tempToken[ 1 ] = splitName;
 					tempToken[ 2 ] = true;
 					this.tokens.push(tempToken);
@@ -200,8 +201,9 @@
 				    splitName = tempToken[ 1 ].split(".");
 
 					// K.D. September 25th, 2012 Bug #122463 The property can contain $ in its name.
-					template = template.replace(new RegExp("\\{\\{html\\s+" + tempToken[ 1 ].replace(/\$/g, "\\$") + "\\}\\}", "g"), "");
-					tempToken[ 3 ] = new RegExp("\\{\\{html\\s+" + tempToken[ 1 ].replace(/\$/g, "\\$") + "\\}\\}", "g");
+					tempToken[ 1 ] = tempToken[ 1 ].replace(/\\/g, "\\\\").replace(/\$/g, "\\$");
+					template = template.replace(new RegExp("\\{\\{html\\s+" + tempToken[ 1 ] + "\\}\\}", "g"), "");
+					tempToken[ 3 ] = new RegExp("\\{\\{html\\s+" + tempToken[ 1 ] + "\\}\\}", "g");
 					tempToken[ 1 ] = splitName;
 					tempToken[ 2 ] = false;
 					this.tokens.push(tempToken);
