Skip to content

Fix generating invalid JS when module name contains double quotes (#842) #843

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 0 commits into from
Closed

Fix generating invalid JS when module name contains double quotes (#842) #843

wants to merge 0 commits into from

Conversation

arsssen
Copy link
Contributor

@arsssen arsssen commented Apr 13, 2018

No description provided.

@sourcelevel-bot
Copy link

Hello, @arsssen! This is your first Pull Request that will be reviewed by Ebert, an automatic Code Review service. It will leave comments on this diff with potential issues and style violations found in the code as you push new commits. You can also see all the issues found on this Pull Request on its review page. Please check our documentation for more information.

@arsssen arsssen mentioned this pull request Apr 13, 2018
Closed
OvermindDL1
OvermindDL1 reviewed Apr 13, 2018
View reviewed changes
lib/ex_doc/formatter/html/templates.ex Outdated
end

defp sidebar_items_node(module_node) do
escape_quotes = &String.replace(&1, "\"", "\\\"")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might be good to escape \ too in case it appears at the end of a module name (unlikely though not impossible)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of escape, I think we should call #{inspect(id)} instead of #{id} when generating the sidebar data in the first place. :) That should take care of everything.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Another option is to call html_escape or similar.

@arsssen arsssen closed this Apr 17, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@josevalim josevalim josevalim left review comments

+1 more reviewer

@OvermindDL1 OvermindDL1 OvermindDL1 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@arsssen @josevalim @OvermindDL1