fix: escape backslashes in popup text (fixes #1907)#2240
Open
cycsmail wants to merge 1 commit into
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #1907
Problem
Popup HTML goes into a JavaScript template literal (backtick string). If the text has a backslash followed by a digit (e.g. a Windows path like
C:\path\20190221), the JS engine reads it as an octal escape sequence, which is illegal in template literals/strict mode. The map fails to load withUncaught SyntaxError: octal escape sequences can't be used in untagged template literals.escape_backticks()only escaped backticks, so any backslash in the text leaked straight through.Fix
Escape backslashes as well as backticks before the text goes into the template literal (backslashes first, so the escape we add for backticks isn't itself mangled):
Covers both call sites that embed text in backtick literals,
PopupandClickForMarker. The previous negative-lookbehind regex assumed callers pre-escaped backticks, which they don't, so I dropped it (and the now-unusedimport re).Test plan
tests/test_map.py::test_popup_backslashes, which renders a popup with backslash+digit sequences and asserts the backslashes are doubled in the output. It fails on the unpatched tree (confirmed by stashing the fix) and passes with it.test_popup_backticksstill passes.ruffandblack --checkclean on the changed files.