UI: move escaping in charts from consumers to renderer (46966)#11119
UI: move escaping in charts from consumers to renderer (46966)#11119thibsy merged 2 commits intoILIAS-eLearning:release_10from
Conversation
thibsy
left a comment
thibsy
left a comment
There was a problem hiding this comment.
Hi @schmitz-ilias,
Thx a lot for the bugfix! The approach seems plausible to me. In addition, could you
Please implement the following changes:
- Unit test: please provide at least one rendering unit test which ensures the values are properly encoded, maybe use a data-provider for multiple.
Kind regards,
@thibsy (as UI coordinator)
|
Done! For what it's worth, I think escaping in |
thibsy
left a comment
thibsy
left a comment
There was a problem hiding this comment.
Hi @schmitz-ilias,
Thx a lot for the unit tests, very well structured!
I agree with what you are saying about the escaping unit tests. Since we do band-aid escaping, I think its fine if we also do band-aid testing for now =).
Kind regards,
@thibsy (as UI coordinator)
* Fixes https://mantis.ilias.de/view.php?id=46966 * Add unit tests covering `Char\Bar` escaping
* Fixes https://mantis.ilias.de/view.php?id=46966 * Add unit tests covering `Char\Bar` escaping
3 participants
This PR fixes 46966 by escaping the content of KS charts directly before rendering it, instead of leaving it to consumers to escape the data themselves. This is necessary, because the same data is used for two different purposes, with two different requirements for escaping: once to a screen-reader-only listing rendered as HTML, and once passed as JSON to chart.js.
Let me know if you want anything done differently!