Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Always use double quotes for JSX and properly escape #126

Merged
merged 1 commit into from
Jan 12, 2017
Merged

Always use double quotes for JSX and properly escape #126

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
14 changes: 12 additions & 2 deletions src/printer.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1038,8 +1038,18 @@ function genericPrintNoParens(path, options, print) {
case "JSXAttribute":
parts.push(path.call(print, "name"));

if (n.value)
parts.push("=", path.call(print, "value"));
if (n.value) {
let res;
if (
(n.value.type === 'StringLiteral' || n.value.type === 'Literal') &&
typeof n.value.value === 'string'
) {
res = '"' + util.htmlEscapeInsideDoubleQuote(n.value.value) + '"';
} else {
res = path.call(print, "value");
}
parts.push("=", res);
}

return concat(parts);
case "JSXIdentifier":
Expand Down
13 changes: 13 additions & 0 deletions src/util.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -311,3 +311,16 @@ function setLocEnd(node, index) {
}
}
util.setLocEnd = setLocEnd;

// http://stackoverflow.com/a/7124052
function htmlEscapeInsideDoubleQuote(str) {
return str
.replace(/&/g, '&')
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are we doing this in the formatter? Won't this continually replace the & in & if you successively print a file multiple times?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The parser unescapes the string. So if you write <div id="&amp;" />, str here will be & and not &amp;

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It does?! I'm confused! In JavaScript "&amp;" is just a normal string value, it doesn't mean anything until it touches the DOM right?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

JSX was supposed to be HTML in JS so it borrowed the HTML escaping format for strings literals. This is somethint that we are not happy about and if we are ever doing jsx2 we'll fix this. Until then we have to live with it

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah interesting!

.replace(/"/g, '&quot;');
// Intentionally disable the following since it is safe inside of a
// double quote context
// .replace(/'/g, '&#39;')
// .replace(/</g, '&lt;')
// .replace(/>/g, '&gt;');
}
util.htmlEscapeInsideDoubleQuote = htmlEscapeInsideDoubleQuote;
10 changes: 10 additions & 0 deletions tests/jsx/__snapshots__/jsfmt.spec.js.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
exports[`test quotes.js 1`] = `
"<div id=\"&quot;\'<>&amp;quot;\" />;
<div id=\'\"&#39;<>&amp;quot;\' />;
<div id={\'\\\'\"&quot;<>&amp;quot;\'} />;
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<div id=\"&quot;\'<>&amp;quot;\" />;
<div id=\"&quot;\'<>&amp;quot;\" />;
<div id={\"\'\\\"&quot;<>&amp;quot;\"} />;
"
`;
1 change: 1 addition & 0 deletions tests/jsx/jsfmt.spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
run_spec(__dirname);
3 changes: 3 additions & 0 deletions tests/jsx/quotes.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
<div id="&quot;'<>&amp;quot;" />;
<div id='"&#39;<>&amp;quot;' />;
<div id={'\'"&quot;<>&amp;quot;'} />;