Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: ensure & is escaped for ssr attrs #2531

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix: ensure & is escaped for ssr attrs #2531

wants to merge 1 commit into from

Conversation

DylanPiercey
Copy link
Contributor

@DylanPiercey DylanPiercey commented Feb 22, 2025
edited
Loading

  • Backports Marko 6 attribute escape logic to Marko 5.
  • Use new attrAssignment helper in both runtimes more consistently. (this means nonce attributes now use the same logic and will omit quotes if possible).
  • Ensure html entities are escaped in SSR.
  • Avoids some unnecessary quoting for await/reorder wrapper attributes.
  • updates class api snapshots (they technically did not invalidate since they only update automatically when the finalized dom is different, the manual update just shows changes to the raw html output since the test was written).

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Feb 22, 2025
edited
Loading

🦋 Changeset detected

Latest commit: 39b6bbd

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages
Name Type
marko Patch
@marko/runtime-tags Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@codecov Codecov
Copy link

codecov bot commented Feb 22, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 89.43662% with 15 lines in your changes missing coverage. Please review.

Project coverage is 87.06%. Comparing base (a5d8384) to head (39b6bbd).

Files with missing lines Patch % Lines
...ges/runtime-class/src/runtime/html/helpers/attr.js 86.79% 7 Missing ⚠️
packages/runtime-tags/src/html/attrs.ts 94.73% 3 Missing ⚠️
...runtime-class/src/core-tags/core/await/renderer.js 0.00% 2 Missing ⚠️
...ime-class/src/runtime/html/helpers/props-script.js 0.00% 2 Missing ⚠️
packages/runtime-tags/src/html/writer.ts 50.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #2531      +/-   ##
==========================================
- Coverage   87.07%   87.06%   -0.01%     
==========================================
  Files         352      351       -1     
  Lines       40494    40487       -7     
  Branches     2693     2700       +7     
==========================================
- Hits        35262    35252      -10     
- Misses       5206     5209       +3     
  Partials       26       26

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@DylanPiercey DylanPiercey force-pushed the escape-amp branch 5 times, most recently from c64a4fd to b434712 Compare February 22, 2025 22:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@DylanPiercey