Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Greater and less than signs in attribute strings are converted to HTML entities. #4

Closed
Anaphase opened this issue Jun 2, 2013 · 8 comments

Comments

@Anaphase
Copy link
Contributor

Anaphase commented Jun 2, 2013

div @show("todos.length > 0") compiles to <div ng-show="todos.length &gt; 0"></div>, which breaks Angular. Is there currently a way around this?

@Anaphase
Copy link
Contributor Author

Anaphase commented Jun 2, 2013

I looks like all HTML entities are converted everywhere:

button.close '&times;' compiles to <button class="close">&amp;times;</button>

Is this a necessary limitation? Seems to be causing lots of problems for me, and I can't figure out a way around it.

@Anaphase
Copy link
Contributor Author

Anaphase commented Jun 2, 2013

Okay, it looks like I can use backtick escaping to fix the second example (button.close &times;), but that seems less than ideal and doesn't fix the first example.

@Anaphase
Copy link
Contributor Author

Anaphase commented Jun 2, 2013

Alright, after some further testing it appears that div @show("todos.length > 0") compiling to <div ng-show="todos.length &gt; 0"></div> actually doesn't break Angular. My problem was elsewhere. However, I still feel like this issue could be problematic in other use cases.

@padolsey
Copy link
Owner

padolsey commented Jun 2, 2013

This is an interesting issue. Either we abandon automatic HTML escaping or we keep it (for single/double quotes, and backticks never escape). I'm not really sure what to do because I can see merits with both.

It is a pain, when composing SIML, to escape my own content -- e.g. it's nice to be able to just type '&' for an ampersand instead of '&' but I can see your argument to.

I'll have a think about this. Maybe there should be an additional escaping prefix/operator to force escaping, otherwise nothing is escaped. e.g. ( using minus operator, similar to underscore.js' <%-Blah%>)

div a -' a > b > c'  // <div><a>a &gt; b &gt; c</a></div> 
div a 'a > b > c'    // <div><a>a > b > c</a></div>

@Anaphase
Copy link
Contributor Author

Anaphase commented Jun 4, 2013

I like the idea of the special non-escaping prefix. However, since we already have a "raw string" operator with the backticks, could we not just enable something like this instead?

div @show(`todos.length > 0`) // <div ng-show="todos.length > 0"></div>

(Currently, the line above compiles to <div ng-show="%%__HTML_TOKEN___%%0"></div>) I have no idea how language parsers work or if that's even feasible, but it seems like a smart idea to re-use the backtick operator here. I dunno.

@padolsey
Copy link
Owner

padolsey commented Jun 4, 2013

Ah, ok. I see the problem. You should indeed be able to use back-ticks within directives and attributes -- working on a fix now..

padolsey added a commit that referenced this issue Jun 4, 2013
…parsed correctly (and left unescaped). Add tests too. Re: issue #4
@padolsey
Copy link
Owner

padolsey commented Jun 4, 2013

Just pushed a fix and bumped version to 0.3.4. The div @show(todos.length > 0) snippet should work correctly now.

@Anaphase
Copy link
Contributor Author

Anaphase commented Jun 4, 2013

Awesome! Thanks for your help!

@Anaphase Anaphase closed this as completed Jun 4, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants