Opened 12 years ago

Closed 12 years ago

Last modified 12 years ago

#19136 closed Bug (fixed)

String literals in i18n JavaScript code is unescaped breaking

Reported by: Jannis Leidel Owned by: Jannis Leidel
Component: Internationalization Version: 1.4
Severity: Release blocker Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

The footer JavaScript functions pgettext and npgettext contain unescaped string literals that lead to broken code that doesn't actually enable the functions to work correctly.

Attachments (1)

19136-tests.diff (6.0 KB ) - added by Claude Paroz 12 years ago.
Testing with LiveServerTestCase

Download all attachments as: .zip

Change History (9)

comment:1 by Jannis Leidel, 12 years ago

The code I mean can be found here: https://github.com/django/django/blob/9d2e1f065ede189f65e79eb3cb33a33b460a4351/django/views/i18n.py#L101-115

\x04 is the magic delimiter in gettext to make contexts work, so this needs to be escaped properly.

by Claude Paroz, 12 years ago

Attachment: 19136-tests.diff added

Testing with LiveServerTestCase

comment:2 by Claude Paroz, 12 years ago

See the attached tests, it seems to work, at least in Firefox. Now it may be that the unescaped delimiter is causing issues, further investigations needed.

comment:3 by Aymeric Augustin, 12 years ago

Reading Jannis' report, I understand that \x04 must be escaped in the arguments of the pgettext and npgettext functions before building value.

comment:4 by Jannis Leidel, 12 years ago

Yup.

comment:5 by Aymeric Augustin, 12 years ago

Owner: changed from nobody to Aymeric Augustin

comment:6 by Jannis Leidel, 12 years ago

Owner: changed from Aymeric Augustin to Jannis Leidel

comment:7 by Jannis Leidel <jannis@…>, 12 years ago

Resolution: fixed
Status: newclosed

In 4a5e8087ac7676ef08e76275c1f756778b39c13e:

Fixed #19136 -- Properly escape gettext context prefixes in the i18n JavaScript view template.

comment:8 by Jannis Leidel <jannis@…>, 12 years ago

In 0e3f7814d7106768e8eafcba0e74238fcdb90f9d:

[1.5.x] Fixed #19136 -- Properly escape gettext context prefixes in the i18n JavaScript view template.

Backport of 4a5e8087ac7676ef08e76275c1f756778b39c13e from master.

Note: See TracTickets for help on using tickets.
Back to Top