Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Transform placeables (escape values) #587

Open
slavafomin opened this issue Apr 23, 2022 · 0 comments
Open

Transform placeables (escape values) #587

slavafomin opened this issue Apr 23, 2022 · 0 comments

Comments

@slavafomin
Copy link

Hello!

Thank you for this great library!

However, I'm building HTML messages with Fluent and I need to insert user-generated content into the final messages using placeables. The thing is that user could provide values containing HTML, which could break the final markup or could even be dangerous. All templating systems allow to escape values passed to the templates. It would be great if Fluent would have such functionality as well.

E.g.:

new FluentBundle('en', {
  transformPlaceable: value => escapeHtml(value),
});

Fluent bundle has a transform option, but it receives everything, but not the values.

I know I can escape the values before passing them to Fluent, but having it at the Fluent level will be more convenient and will better mimic how templating systems work.

What do you think? Thanks!
slavafomin added a commit to slavafomin/fluent.js that referenced this issue Apr 23, 2022
@slavafomin
Proof of concept for projectfluent#587 (transform placeables)
cb5d414 
Signed-off-by: Slava Fomin II <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@slavafomin