Skip to content

Fix mobile breadcrumb html safe #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
rsdeus wants to merge 0 commits into from
Closed

Fix mobile breadcrumb html safe #9

rsdeus wants to merge 0 commits into from

Conversation

@rsdeus
Copy link
Member

@rsdeus rsdeus commented Nov 26, 2024

🎩 What? Why?

Breadcrumb for mobile is escaped without html_safe, and for desktop, it is displayed without using the escape method.

📌 Related Issues

https://git.octree.ch/decidim/decidim-nightly/-/issues/68#note_46918

Testing

Create an proposal named, for example: "Partage d'idées"

📷 Screenshots

image

♥️ Thank you!

@rsdeus rsdeus requested a review from froger November 26, 2024 11:00
@rsdeus rsdeus self-assigned this Nov 26, 2024
@rsdeus rsdeus changed the title Fix/mobile breadcrumb html safe fix: mobile breadcrumb html safe Nov 26, 2024
@rsdeus rsdeus changed the title fix: mobile breadcrumb html safe Fix mobile breadcrumb html safe Nov 26, 2024
froger
froger reviewed Nov 26, 2024
View reviewed changes
decidim-core/app/views/layouts/decidim/header/_menu_breadcrumb_mobile_tablet.html.erb Outdated
<span>
<% breadcrumb_items.last(2).each_with_index do |item, i| %>
<% item_label = decidim_escape_translated(item[:label]) %>
<% item_label = decidim_escape_translated(item[:label]).html_safe %>
Copy link
Member

@froger froger Nov 26, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rsdeus decidim_escape_translated, shouldn't always be html_safe? or add a param to the function.

Copy link
Member

@froger froger Nov 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see the function applied in numerous places: https://github.com/search?q=repo%3Adecidim%2Fdecidim+decidim_escape_translated&type=code&p=1

And I see no reference to html_safe... meaning the issue is potentially everywhere?

Copy link
Member Author

@rsdeus rsdeus Nov 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, but the problems do not arise everywhere. However, I suggested returning the output of decidim_html_escape with html_safe to ensure better encoding.
87bd217

github-actions[bot]
github-actions bot requested changes Nov 26, 2024
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This pull request does not contain a valid label. Please add one of the following labels: ['type: feature', 'type: change', 'type: fix', 'type: removal', 'target: developer-experience', 'type: internal']

@rsdeus rsdeus force-pushed the fix/mobile_breadcrumb_html_safe branch from 4118060 to 6e5b605 Compare January 15, 2025 13:13
@rsdeus rsdeus closed this Jan 20, 2025
@rsdeus rsdeus force-pushed the fix/mobile_breadcrumb_html_safe branch from 6e5b605 to f4145fa Compare January 20, 2025 13:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@froger froger froger left review comments

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

@rsdeus rsdeus

Labels

module: core type: fix

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@rsdeus @froger