Automatically convert -'s (hyphens) in HTML comments to something that doesn't result in an invalid comment #88

Open
TylerRick opened this Issue Feb 10, 2010 · 5 comments

Projects

None yet

4 participants

@TylerRick

If you do

/
  this -- is a comment

, you end up with an invalid comment (because HTML comments don't allow -- in them), some of which may end up visible on the page.



What would you think about making / automatically "escape" these dangerous characters so that people don't accidentally screw up their page layout?

The - entity seems to be a safe alternative:

class String
  def safe_in_comment
    gsub('-', '-')
  end
end
@nex3
Haml member

I don't like that this makes the comment hard-to-read. I'm tempted to say that it's the user's responsibility not to write an invalid comment.

Is there a way we can handle this that preserves the readability of the comment?

@enosis

Perhaps a solution lies in defusing a few other related traps: embedded Html Comment start tags or end tags.

Besides the ordinary occurrence of "--" in plaintext, the start/end tags could be (unknowingly) included in Haml Source via dynamic variables (interpolation).

Could these mappings work?

Within Haml Comment ContentBlock
  HamlSource                    HtmlOutput
  (After Interpolation)
  ---------------------         ---------------------
  1. /--+>/                     --><!--
  2. /<!--+/                    --><!--
  3. /-(-+)/                    '-' + ' ' * $1.length 

This and other Html Comment oddities are explored in the Haml Whitespace Semantics Extension (Haml WSE) proposals at http://github.com/enosis/haml-wse-specs

See:

Repo moved to: http://github.com/enosis/haml-wse-specs

@nex3
Haml member

Those substitutions would be reasonable. I'm not terribly eager to implement this myself, but I'd accept a patch.

@enosis

Thanks for the note, Nathan. Hopefully someone will be inspired to take it up, as I'll be unable to get to it for a while. --Nick

@kgrz

Took a shot at this and I used the same (except for the "--+" replacement) substitution sets as mentioned in the comments above. However, I didn't use gsub to avoid multiple replacements unless a non-trivial regexp is used.

text = "This is an arrow --> hahaha -- what?"
text.gsub!(/--+>/, "--><!--")   # => This is an arrow --><!-- hahah -- what?
text.gsub!(/-(-+)/, "-")           # => This is an arrow -><!- hahah - what? 

My solution here kgrz@aebd27f works but I think it's clumsy but there was no visible difference when I ran rake benchmark. Need some pointers in improving this :)

Clone URL:

git clone git@github.com:kgrz/haml.git double_hyphens_in_comments_fix
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment