Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent HTML-escape of raw strings in JSX script/style tags #6459

Merged
merged 2 commits into from
Mar 8, 2023
Merged

Prevent HTML-escape of raw strings in JSX script/style tags #6459

merged 2 commits into from
Mar 8, 2023

Conversation

bluwy
Copy link
Member

@bluwy bluwy commented Mar 8, 2023
edited
Loading

Changes

Fixes #6404
Fixes #6327

This PR allows writing

<script>
{`console.log('raw script')`}
</script>

<style>
{`
h1[id="script-style-raw"] {
  color: red;
}
`}
</style>

Without the inner string contents to be HTML-escaped incorrectly. Previously you'd get something like:

<script>
console.log(&quot;raw script&quot;)
</script>

This also unblocks remark/rehype plugins that injects AST that would theoretically represent something like the above.

Testing

Added tests in MDX integration

Docs

Technically this allows the syntax of the above, but I'm not sure this is a pattern we want to show in the docs yet.

@changeset-bot
Copy link

changeset-bot bot commented Mar 8, 2023
edited
Loading

🦋 Changeset detected

Latest commit: 95ee558

The changes in this PR will be included in the next version bump.

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@github-actions github-actions bot added pkg: astro Related to the core `astro` package (scope) pkg: integration Related to any renderer integration (scope) labels Mar 8, 2023
@bluwy bluwy mentioned this pull request Mar 8, 2023
Closed
1 task
ematipico
ematipico approved these changes Mar 8, 2023
View reviewed changes
packages/astro/src/runtime/server/jsx.ts Outdated Show resolved Hide resolved
packages/astro/src/runtime/server/jsx.ts
)}`
);
}

/**
* Pre-render the children with the given `tag` information
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit nit nit: the description and/or the function's name don't do justice to the actual implementation. Saying "pre-render" is a bit reductive, considering what the function actually does. Maybe escapeContentTags or something like that?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I chose prerenderElementChildren since it's being called by the renderElement function, so kinda like a pre-pass phase. So ideally in the future this function could do more than handling this specific case, similar to the other render functions in this file. So I'm not sure if we need to rename it to something specific 🤔

@bluwy bluwy merged commit 964d552 into main Mar 8, 2023
@bluwy bluwy deleted the mdx-unescape-script-style branch March 8, 2023 16:29
@astrobot-houston astrobot-houston mentioned this pull request Mar 8, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matthewp matthewp matthewp approved these changes

@ematipico ematipico ematipico approved these changes

Assignees
No one assigned
Labels
pkg: astro Related to the core `astro` package (scope) pkg: integration Related to any renderer integration (scope)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

MDX and rehype-mathjax not rendering properly inject script tag in mdx content
3 participants
@bluwy @matthewp @ematipico