Escape variables in mkdocs data #5759
Conversation
| @@ -1,10 +1,10 @@ | |||
| var READTHEDOCS_DATA = {{ data_json|safe }} | |||
There was a problem hiding this comment.
Do we not need it here, too?
There was a problem hiding this comment.
Let me check. There's a new templatetag in Django 2 for JSON data but we can't use it yet.
There was a problem hiding this comment.
There is one in 1.11 https://docs.djangoproject.com/en/1.11/ref/templates/builtins/#escapejs
There was a problem hiding this comment.
oh, this is a json object I guess?
There was a problem hiding this comment.
So the above is not quite right. This is a bit complex so I'm going to spend slightly more time here and try to write a test or two.
There was a problem hiding this comment.
oh, this is a json object I guess?
Correct. Escapejs doesn't work for this kind of object.
| var doc_version = "{{ current_version|escapejs }}"; | ||
| var doc_slug = "{{ slug|escapejs }}"; | ||
| var page_name = "{{ pagename|escapejs }}"; | ||
| var html_theme = "{{ html_theme|escapejs }}"; |
There was a problem hiding this comment.
I think " are inserted by the filter (didn't tested it).
There was a problem hiding this comment.
Reading the django code, looks like they don't include "
There was a problem hiding this comment.
I'm not sure where you're looking but it is included as far as I can tell.
>>> from django.template.defaultfilters import escapejs_filter
>>> escapejs_filter('"')
'\\u0022'
https://github.com/django/django/blob/1.11/django/utils/html.py#L54-L76
There was a problem hiding this comment.
I mean the " surrounding the variable. In jinja you just need to put var foo = {{ bar|tojson }}. Django needs var foo = "{{ bar|escapejs }"
There was a problem hiding this comment.
Got it. Correct. That's different.
No description provided.