New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tweaks to escaping strategy in a couple places #13500
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Locally the encoding in site selector looks fine when creating a site with special chars in the name. But the UI tests shows the values encoded. See https://builds-artifacts.matomo.org/matomo-org/matomo/email-escaping/30265/SiteSelector_loaded.png
@@ -5,7 +5,7 @@ | |||
<span data-date="{{ date }}" data-count="{{ counts.count }}" data-starred="{{ counts.starred }}" | |||
{% if counts.count == 0 %}title="{{ 'Annotations_AddAnnotationsFor'|translate(date) }}" | |||
{% elseif counts.count == 1 %}title="{{ 'Annotations_AnnotationOnDate'|translate(date, | |||
counts.note)|raw }} | |||
counts.note)|e('html_attr') }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Theoretically it would be enough to only escape counts.note
. That would allow the translation to contain html tags (which it currently doesn't have)
@sgiehl Updated. EDIT: Didn't fix the test failure, just saw that. |
Note: this changes the expectation of input in the siteselector, it now expects un-encoded input names and will escape everything through ng-bind or |
e9df472
to
fb5100f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Test failures seem to be unrelated to this changes so should be good to merge
No description provided.