Navigation Menu

Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tweaks to escaping strategy in a couple places #13500

Merged
merged 7 commits into from Oct 11, 2018
Merged

Tweaks to escaping strategy in a couple places #13500

merged 7 commits into from Oct 11, 2018

Conversation

diosmosis
Copy link
Member

No description provided.

@diosmosis diosmosis added the Needs Review PRs that need a code review label Sep 29, 2018
@diosmosis diosmosis added this to the 3.6.1 milestone Sep 29, 2018
@diosmosis diosmosis added the not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org. label Sep 29, 2018
sgiehl
sgiehl reviewed Sep 30, 2018
View reviewed changes
Copy link
Member

@sgiehl sgiehl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Locally the encoding in site selector looks fine when creating a site with special chars in the name. But the UI tests shows the values encoded. See https://builds-artifacts.matomo.org/matomo-org/matomo/email-escaping/30265/SiteSelector_loaded.png

plugins/Annotations/templates/getEvolutionIcons.twig Outdated
@@ -5,7 +5,7 @@
<span data-date="{{ date }}" data-count="{{ counts.count }}" data-starred="{{ counts.starred }}"
{% if counts.count == 0 %}title="{{ 'Annotations_AddAnnotationsFor'|translate(date) }}"
{% elseif counts.count == 1 %}title="{{ 'Annotations_AnnotationOnDate'|translate(date,
counts.note)|raw }}
counts.note)|e('html_attr') }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Theoretically it would be enough to only escape counts.note. That would allow the translation to contain html tags (which it currently doesn't have)

@diosmosis
Copy link
Member Author

diosmosis commented Sep 30, 2018
edited

@sgiehl Updated.

EDIT: Didn't fix the test failure, just saw that.

@diosmosis
Copy link
Member Author

Note: this changes the expectation of input in the siteselector, it now expects un-encoded input names and will escape everything through ng-bind or |escape in the templates.

sgiehl
sgiehl approved these changes Oct 11, 2018
View reviewed changes
Copy link
Member

@sgiehl sgiehl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Test failures seem to be unrelated to this changes so should be good to merge

@diosmosis diosmosis merged commit cdbf944 into 3.x-dev Oct 11, 2018
@diosmosis diosmosis deleted the email-escaping branch October 11, 2018 20:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sgiehl sgiehl sgiehl approved these changes

Assignees
No one assigned
Labels
Needs Review PRs that need a code review not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org.
Projects
None yet
Milestone
3.6.1
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@diosmosis @sgiehl