Rendering HTML entities

Question

Rendering HTML entities

ryaninvents opened this issue 3 years ago · comments

vhtml renders “ as &ldquo;, which causes the source string to appear in the output.

It would be helpful if entities in the "quasis" of the template string were left alone, and interpolated string values were escaped:

// Source
const copyright = '&copy; 2021';
return html`<div>&ldquo;${copyright}&rdquo;</div>`;

// Rendered output
<div>&ldquo;&amp;copy;2021&rdquo;</div>

Ryan Kennedy · Answer 1 · Fri Feb 05 2021 03:37:58 GMT+0800 (China Standard Time)

Hm, started a PR but the problem doesn't seem to be in this package. Definitely a problem with my specific use case.

	it("should not sanitize HTML entities", () => {
		expect(
			<div>
				&copy;
				<em>allowed</em>
			</div>
		).to.equal(`<div>©<em>allowed</em></div>`);
	});

Maik Schmidt · Answer 2 · Thu Jun 10 2021 15:05:35 GMT+0800 (China Standard Time)

HI @ryaninvents, I am hitting the same issue. How did you overcome your situation?

Ryan Kennedy · Answer 3 · Thu Jun 10 2021 17:58:10 GMT+0800 (China Standard Time)

I don't recall whether I fixed it in the project itself... The reason I closed the issue is because I created a minimal test case to demonstrate the issue, but the test case behaved as expected. I think there was another layer in my application trying to perform encoding, so it was getting applied twice.