Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

HTML it's escaped in data-l10n-args="" #8

Closed
valerio-bozzolan opened this issue Jul 15, 2014 · 3 comments
Closed

HTML it's escaped in data-l10n-args="" #8

valerio-bozzolan opened this issue Jul 15, 2014 · 3 comments

Comments

@valerio-bozzolan
Copy link

@valerio-bozzolan valerio-bozzolan commented Jul 15, 2014

I've a problem:

In HTML:

<p data-l10n-id="something" data-l10n-args='{"prelink":"<a href=\"https://somewhere.tld\">", "postlink":"</a>"}'></p>

In source code:

alert(_("something", {prelink: "<a href=\"https://somewhere.tld\">", postlink:"</a>" });

In .json:

"something":"Click {{prelink}}here{{postlink}}",

In the alert (translated directed from the source code) I can see right:

Click <a href="https://somewhere.tld">here</a>

In HTML (instead translated using the data-l10n tags) it's generated:

Click &lt;a href="https://somewhere.tld"&gt;here&lt;/a&gt;

Why using the HTML method, the content of the args it's escaped?

Thanks in advance :)

@valerio-bozzolan valerio-bozzolan changed the title HTML in args HTML in tag args Jul 15, 2014
@valerio-bozzolan valerio-bozzolan changed the title HTML in tag args HTML it's escaped in data-l10n-args="" Jul 15, 2014
@marcelklehr
Copy link
Owner

@marcelklehr marcelklehr commented Jul 15, 2014

That's a security measure. You can append certain DOmNode properties to
your l10n-id to circumvent this. e.g. if you name your message
main.helloWorld.innerHTML the message will be set as innerHTML, directly.

@marcelklehr
Copy link
Owner

@marcelklehr marcelklehr commented Jul 15, 2014

@valerio-bozzolan
Copy link
Author

@valerio-bozzolan valerio-bozzolan commented Jul 15, 2014

Ah, yeah!

It took me a little 'attempts to understand that it isn't enough to mention innerHTML only in the id of where it is needed, when instead both the parts (JSON and HTML) must have the same name ending both with innerHTML.

Thank you very much :)

valerio-bozzolan added a commit to valerio-bozzolan/minesweeper that referenced this issue Dec 4, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
You can’t perform that action at this time.