Package cloud #181
Package cloud #181
Conversation
|
Is there a reason you need to fork this? |
| @@ -6,6 +6,8 @@ const RIGHT = '-->'; | |||
| const ENCODE = [ | |||
| ['&', '&'], | |||
| ['>', '>'], | |||
| ['<', '<'], | |||
There was a problem hiding this comment.
note that I’m pretty sure this isnt needed, it just increases the HTML size for no benefit.
|
Hey @ljharb! We were under the impression that this project and hypernova-ruby weren't actively maintained due to the reduced contributions/interactions lately. Let me give you some context: We noticed a bug awhile ago where unescaped HTML characters were causing a JSON.parse error, breaking the JS on some of our views. The original attempt to rectify this was here: airbnb/hypernova-ruby#22 The issue is that certain browsers will take a prop like I've been looking into this one for the past little while and I guess that hypernova-ruby performs that escaping through the BlankRenderer when the hypernova server is unavailable right? So a more complete solution would be to implement more thorough escaping on hypernova and its client libraries to cover all scenarios. tl;dr we feel we should be escaping these other characters for safety and to protect against the current breakages we're experiencing. Looking again at the original PR I'm inclined to agree that JSON escaping would be more appropriate, but anxious to hear what you think. |
|
It seems like it would be a trivial change to just add escaping of If so, it'd be great to reopen this PR and repurpose it to achieve that, and we can do the same process on hypernova-ruby. |
|
I agree, that should be trivial and would resolve the issue on our end. How do you feel about switching to JSON escaping instead as part of the implementation as outlined in airbnb/hypernova-ruby#22? |
|
I’d have to see what that involves. For now, I’m going to move forward with #167 |
Setting up for private hosting on package cloud