Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Escape variables in mkdocs data #5759

Merged
merged 3 commits into from Jun 5, 2019
Merged

Conversation

@davidfischer
Copy link
Contributor

@davidfischer davidfischer commented Jun 3, 2019

No description provided.

@davidfischer davidfischer requested a review from Jun 3, 2019
@@ -1,10 +1,10 @@
var READTHEDOCS_DATA = {{ data_json|safe }}
Copy link
Member

@ericholscher ericholscher Jun 3, 2019

Do we not need it here, too?

Copy link
Contributor Author

@davidfischer davidfischer Jun 3, 2019

Let me check. There's a new templatetag in Django 2 for JSON data but we can't use it yet.

Copy link
Member

@stsewd stsewd Jun 3, 2019

Copy link
Member

@stsewd stsewd Jun 3, 2019

oh, this is a json object I guess?

Copy link
Contributor Author

@davidfischer davidfischer Jun 3, 2019

So the above is not quite right. This is a bit complex so I'm going to spend slightly more time here and try to write a test or two.

Copy link
Contributor Author

@davidfischer davidfischer Jun 3, 2019

oh, this is a json object I guess?

Correct. Escapejs doesn't work for this kind of object.

var doc_version = "{{ current_version|escapejs }}";
var doc_slug = "{{ slug|escapejs }}";
var page_name = "{{ pagename|escapejs }}";
var html_theme = "{{ html_theme|escapejs }}";
Copy link
Member

@stsewd stsewd Jun 3, 2019

I think " are inserted by the filter (didn't tested it).

Copy link
Member

@stsewd stsewd Jun 3, 2019

Reading the django code, looks like they don't include "

Copy link
Contributor Author

@davidfischer davidfischer Jun 3, 2019

I'm not sure where you're looking but it is included as far as I can tell.

>>> from django.template.defaultfilters import escapejs_filter
>>> escapejs_filter('"')
'\\u0022'

https://github.com/django/django/blob/1.11/django/utils/html.py#L54-L76

Copy link
Member

@stsewd stsewd Jun 3, 2019

I mean the " surrounding the variable. In jinja you just need to put var foo = {{ bar|tojson }}. Django needs var foo = "{{ bar|escapejs }"

Copy link
Contributor Author

@davidfischer davidfischer Jun 3, 2019

Got it. Correct. That's different.

stsewd
stsewd approved these changes Jun 3, 2019
humitos
humitos approved these changes Jun 4, 2019
Copy link
Member

@humitos humitos left a comment

LGTM!

@ericholscher ericholscher merged commit 133d957 into master Jun 5, 2019
2 checks passed
@delete-merged-branch delete-merged-branch bot deleted the davidfischer/mkdocs-escape-vars branch Jun 5, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

4 participants