-
-
Notifications
You must be signed in to change notification settings - Fork 128
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fixes interactive.harbor issues. ref #3418 #3420
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you so much for your contribution! I added an implementation of the function using our standard API functions.
I'm approving to make sure there's no more friction. If you wouldn't mind applying the changes, we should be ready to go!
src/libs/string.liq
Outdated
# Escape HTML entities. | ||
# @category String | ||
def string.escape.html(s) = | ||
r/[&<>"']/g.replace( | ||
fun (c) -> begin | ||
if c == "&" then "&" | ||
elsif c == "<" then "<" | ||
elsif c == ">" then ">" | ||
elsif c == '"' then """ | ||
elsif c == "'" then "'" | ||
else c | ||
end | ||
end, | ||
s | ||
) | ||
end |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We have a standardized escaping routine using string.escape. This can make the implementation easier to extend and I suspect faster.
Here's an implementation using it with the %argsof
/@argsof
pre-processing to re-use the argument declaration and documentation from the function:
# Escape HTML entities. | |
# @category String | |
def string.escape.html(s) = | |
r/[&<>"']/g.replace( | |
fun (c) -> begin | |
if c == "&" then "&" | |
elsif c == "<" then "<" | |
elsif c == ">" then ">" | |
elsif c == '"' then """ | |
elsif c == "'" then "'" | |
else c | |
end | |
end, | |
s | |
) | |
end | |
# Escape HTML entities. | |
# @category String | |
# @argsof string.escape[encoding] | |
def string.escape.html(%argsof(string.escape[encoding]), s) = | |
escaped = | |
[ | |
("&", "&"), | |
("<", "<"), | |
(">", ">"), | |
('"', """), | |
("'", "'") | |
] | |
def special_char(~encoding=_, c) = | |
list.assoc.mem(c, escaped) | |
end | |
def escape_char(~encoding=_, c) = | |
escaped[c] | |
end | |
string.escape( | |
%argsof(string.escape[encoding]), | |
special_char=special_char, | |
escape_char=escape_char, | |
s | |
) | |
end |
I apologize, I did not realize that there was a new one. |
Was my mistake :) ... i got the test thing going with |
@@ -495,7 +495,7 @@ def interactive.harbor( | |||
} | |||
} | |||
if (interactive[i].type != 'button') { | |||
data = data.concat(interactive[i].name+'='+interactive[i].value)+'&'; | |||
data = data.concat(interactive[i].name+'='+encodeURIComponent(interactive[i].value))+'&'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it just me, or encodeURIComponent
doesn't exist?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
encodeURIComponent
is on javascript side. It's standard (doc). Basically there to fix the issues with =&+
chars. Needed because those are special chars for URLs only (=&
used for querystrings and +
used as an space). Alternative solution would be to change the method to POST
instead of using GET
and using multipart/form-data
or alike
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just figured out this is a JS code.
@ghostnumber7 do you mind if I apply my proposed changes and gets this merged and backported to |
Already applied your suggestion. You can go ahead with the merging |
Merged. Thanks a lot for this! |
Sorry ... closed previous PR by mistake