From 6a3badfcc7beed91f21d3b53b23c0674ef8b3de0 Mon Sep 17 00:00:00 2001
From: Trevor Parscal <trevorparscal@gmail.com>
Date: Tue, 11 Jun 2013 12:09:58 -0700
Subject: [PATCH] Improve input widget value sanitization

Objective:

* Prevent undefined and null from being converted to 'undefined' and
  'null' when given to setValue by converting them to empty string instead

Changes:

ve.ui.InputWidget.js
* Move all sanitization to one place
* Improve sanitization by adding cases for undefined and null

Change-Id: I8817a8fcac271e560a9e49887c68a035293866d4
---
 modules/ve/ui/widgets/ve.ui.InputWidget.js | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/modules/ve/ui/widgets/ve.ui.InputWidget.js b/modules/ve/ui/widgets/ve.ui.InputWidget.js
index 2e8dadd230..3645a27088 100644
--- a/modules/ve/ui/widgets/ve.ui.InputWidget.js
+++ b/modules/ve/ui/widgets/ve.ui.InputWidget.js
@@ -27,16 +27,17 @@ ve.ui.InputWidget = function VeUiInputWidget( config ) {
 
 	// Properties
 	this.$input = this.getInputElement( config );
-	this.value = config.value === undefined ? '' : config.value;
+	this.value = '';
 	this.readonly = false;
 
 	// Events
 	this.$input.on( 'keydown mouseup cut paste change input select', ve.bind( this.onEdit, this ) );
 
 	// Initialization
-	this.$input.attr( 'name', config.name ).val( this.value );
+	this.$input.attr( 'name', config.name );
 	this.setReadOnly( config.readOnly );
 	this.$.addClass( 've-ui-inputWidget' ).append( this.$input );
+	this.setValue( config.value );
 };
 
 /* Inheritance */
@@ -118,7 +119,7 @@ ve.ui.InputWidget.prototype.setValue = function ( value ) {
 		this.value = value;
 		// Only update the DOM if we must
 		if ( domValue !== this.value ) {
-			this.$input.val( this.value );
+			this.$input.val( value );
 		}
 		this.emit( 'change', this.value );
 	}
@@ -128,12 +129,14 @@ ve.ui.InputWidget.prototype.setValue = function ( value ) {
 /**
  * Sanitize incoming value.
  *
+ * Ensures value is a string, and converts undefined and null to empty strings.
+ *
  * @method
  * @param {string} value Original value
  * @returns {string} Sanitized value
  */
 ve.ui.InputWidget.prototype.sanitizeValue = function ( value ) {
-	return String( value );
+	return value === undefined || value === null ? '' : String( value );
 };
 
 /**