New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Some translations might be displayed with encoded entities #19190
Conversation
Wouldn't it be better to just not escape them in weblate so they are escaped in twig/vue? |
@diosmosis I guess we would need to disable the safe_html filter on weblate for that, which I would prefer not to do. |
My personal opinion is that with a framework like Vue where it is, explicitly in the documentation, discouraged to ever use v-html, increased uses should be avoided. And it is much easier to simply assume all template text is unsafe and use innerText/textContent (indirectly by vue) than it is to have different classes of input where some is actually unsafe and some is maybe safe, and have to consciously remember them. That said I am not in charge of this so will defer approval of the PR to someone else. The TypeScript/Vue related changes look fine. |
@Findus23 As you are also involved in the translations stuff. What is your opinion on that one? |
Happy for you to make the decision here @sgiehl |
This issue is in "needs review" but there has been no activity for 7 days. ping @matomo-org/core-reviewers |
If you don't want this PR to be closed automatically in 28 days then you need to assign the label 'Do not close'. |
I didn't see this PR yet, but have to say that I don't have a strong opinion either way. Not using v-html (or raw) feels cleaner to me and should leave a lot less mental overhead in the whole process. But of course one needs to keep in mind that it is always possible for a translation to contain "special characters" that the English source string doesn't contain, so accidentally encoding twice can cause things like #19626 |
If you don't want this PR to be closed automatically in 28 days then you need to assign the label 'Do not close'. |
594c62d
to
fbe49d5
Compare
4e6a511
to
acad125
Compare
Description:
The were various translations including a
&
or>
. While this in general is fine, we currently have the problem that various translations of those strings now include a&
or>
instead, as weblate automatically escapes them due to the activesafe_html
filter. This can currently cause that the escaped chars are displayed in other languages.I have now converted all
&
to&
in the english sources and updated all usages of those strings so they are used 'raw', to avoid double encoding.@diosmosis I've also updated
ContentBlock.vue
so the title is included asv-html
, can you quickly check if it's fine that way?Review