Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

single quote ' in translation string breaks ui_app.jade #10580

Closed
srl295 opened this issue Feb 25, 2017 · 6 comments · Fixed by #29581
Closed

single quote ' in translation string breaks ui_app.jade #10580

srl295 opened this issue Feb 25, 2017 · 6 comments · Fixed by #29581
Labels
bug Fixes for quality problems that affect the customer experience Project:i18n Team:Core Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc

Comments

@srl295
Copy link
Contributor

srl295 commented Feb 25, 2017

Kibana version: master (6.0.0 alpha, 7084d55)

Original install method (e.g. download page, yum, from source, etc.): source

Description of the problem including expected versus actual behavior:

French translation with a single quote breaks startup page, because UI-WELCOME_ERROR is substituted into the inline script without escaping.

The specific translation bundle ( plugins/kibana_translation/translations/fr.json ) looks like this:

{
  "UI-WELCOME_MESSAGE": "En chargeant Kibana",
  "UI-WELCOME_ERROR": "Kibana n'a pas chargé correctement. Vérifiez le rendement du serveur pour plus d'information."
}

Steps to reproduce:

  1. unpack the enclosed .tgz ( creates plugins/kibana_translation/… )
  2. startup kibana with npm run start
  3. bring up a browser configured for French (fr)

Errors in browser console (if relevant):

Uncaught SyntaxError: Unexpected identifier @ kibana:179

The specific line is:

err.innerText = 'Kibana n'a pas chargé correctement. Vérifiez le rendement du serveur pour plus d'information.';

This is caused by the source in ui_app.jade:

err.innerText = '#{i18n('UI-WELCOME_ERROR')}';

I think this can be corrected with some escaping. Probably using JSON.stringify as elsewhere on the same page.
@srl295
Copy link
Contributor Author

srl295 commented Feb 25, 2017

fyi @hickeyma - this is reproducible without phase 2 #8766 so I am filing separately.

@srl295 srl295 mentioned this issue Feb 25, 2017
Closed
@srl295
Copy link
Contributor Author

srl295 commented Feb 25, 2017
edited
Loading

Note that in the welcome message, ' is fine, as shown below. (PS: pardon any issues with the français, SVP)

{
  "UI-WELCOME_MESSAGE": "En chargeant Kibana, s'il vous plait!",
  "UI-WELCOME_ERROR": "Kibana n'a pas chargé correctement. Vérifiez le rendement du serveur pour plus d'information."
}

I wonder if it should be err.innerHtml because Jade might HTML-escape something here.

@epixa epixa added Team:Core Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc bug Fixes for quality problems that affect the customer experience Project:i18n labels Feb 26, 2017
@hickeyma
Copy link
Contributor

hickeyma commented Feb 27, 2017
edited
Loading

@srl295 Good catch, thanks. This would have been a silent issue until Phase 4, so it is good that you could do some testing with other languages that introduce single quotes.

It only applies to UI-WELCOME_ERROR because the jade code references it in a single quote and therefore the single quote in the text string is not escaped.

To show this message the server would need to be killed as welcome/loading page is in progress. Then the error page would be loaded.

@srl295
Copy link
Contributor Author

srl295 commented Mar 1, 2017

@hickeyma to be clear, the error prevents Kibana page startup… it's not just a broken message when the server is killed at the right time.

@hickeyma
Copy link
Contributor

hickeyma commented Mar 1, 2017

@srl295 My bad on #10580 (comment). It ewas the way I was testing the issue initially.

srl295 added a commit to srl295/kibana that referenced this issue Mar 7, 2017
@srl295
Move UI-WELCOME_ERROR from a script insertion to a hidden <div>
6c30eb7 
* store the error message in an extra div for later retrieval

Fixes: elastic#10580
srl295 added a commit to srl295/kibana that referenced this issue Mar 21, 2017
@srl295
Move UI-WELCOME_ERROR from a script insertion to a hidden <div>
c17baa4 
* store the error message in an extra div for later retrieval

Fixes: elastic#10580
srl295 added a commit to srl295/kibana that referenced this issue Feb 21, 2018
@srl295
Move UI-WELCOME_ERROR from a script insertion to a hidden <div>
246e7b9 
* store the error message in an extra div for later retrieval

Fixes: elastic#10580
@cjcenizal
Copy link
Contributor

Closing this as we’re moving to a different localization system which should address this problem.

@maryia-lapata maryia-lapata mentioned this issue Jan 30, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Fixes for quality problems that affect the customer experience Project:i18n Team:Core Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[i18n] Move welcome error message from a script insertion to a data attribute maryia-lapata/kibana
4 participants
@epixa @srl295 @cjcenizal @hickeyma