Fixes #4 - html encode injected properties and enable test

ext/afform/core/afform.php

@@ -329,7 +329,7 @@ function afform_civicrm_alterAngular($angular) {
             continue;
           }
           foreach ($field as &$prop) {
-            $prop = json_encode($prop, JSON_UNESCAPED_SLASHES);
+            $prop = htmlspecialchars(CRM_Utils_JS::encode($prop));
           }
           if ($existingFieldDefn) {
             $field = array_merge($field, CRM_Utils_JS::getRawProps($existingFieldDefn));

ext/afform/core/tests/phpunit/Civi/Afform/FilterTest.php

@@ -44,16 +44,17 @@ public function testDefnInjectionNested() {
     $this->assertEquals('First Name', $myField['defn']['title']);
   }
 
-  //public function testDefnOverrideTitle() {
-  //  $inputHtml = sprintf(self::PERSON_TPL,
-  //    '<div af-fieldset="person"><af-field name="first_name" defn="{title: \'Given name\'}" /></div>');
-  //  $filteredHtml = _afform_html_filter('~afform/MyForm.html', $inputHtml);
-  //  $converter = new \CRM_Afform_ArrayHtml(TRUE);
-  //  $parsed = $converter->convertHtmlToArray($filteredHtml);
-  //
-  //  $myField = $parsed[0]['#children'][1]['#children'][0];
-  //  $this->assertEquals('af-field', $myField['#tag']);
-  //  $this->assertEquals('Given name', $myField['defn']['title']);
-  //}
+  public function testDefnOverrideTitle() {
+    $inputHtml = sprintf(self::PERSON_TPL,
+      '<div af-fieldset="person"><af-field name="first_name" defn="{title: \'Given name\'}" /></div>');
+    $filteredHtml = _afform_html_filter('~afform/MyForm.html', $inputHtml);
+    $converter = new \CRM_Afform_ArrayHtml(TRUE);
+    $parsed = $converter->convertHtmlToArray($filteredHtml);
+
+    $myField = $parsed[0]['#children'][1]['#children'][0];
+    $this->assertEquals('af-field', $myField['#tag']);
+    $this->assertEquals('Given name', $myField['defn']['title']);
+    $this->assertEquals('Text', $myField['defn']['input_type']);
+  }
 
 }