fix: only escape characters in SSR template (#10555)

Adjusts the escaping mechanism done for server compilation. For template literals it's now only applied when explicitly told, which is the case for generated literals from the html template. Fixes a bug where a template literal string inside the `@html` tag was wrongfully escaped (https://github.com/sveltejs/svelte/issues/10359#issuecomment-1949678228)
pull/10558/head
Simon H 10 months ago committed by GitHub
parent 08978bfae8
commit aef245364c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -0,0 +1,5 @@
---
"svelte": patch
---
fix: only escape characters in SSR template

@ -32,10 +32,11 @@ function t_string(value) {
/**
* @param {import('estree').Expression} value
* @param {boolean} [needs_escaping]
* @returns {import('./types').TemplateExpression}
*/
function t_expression(value) {
return { type: 'expression', value };
function t_expression(value, needs_escaping = false) {
return { type: 'expression', value, needs_escaping };
}
/**
@ -94,7 +95,8 @@ function serialize_template(template, out = b.id('out')) {
} else if (template_item.type === 'expression') {
const value = template_item.value;
if (value.type === 'TemplateLiteral') {
last.value.raw += sanitize_template_string(value.quasis[0].value.raw);
const raw = value.quasis[0].value.raw;
last.value.raw += template_item.needs_escaping ? sanitize_template_string(raw) : raw;
quasis.push(...value.quasis.slice(1));
expressions.push(...value.expressions);
continue;
@ -198,7 +200,7 @@ function process_children(nodes, parent, { visit, state }) {
}
}
state.template.push(t_expression(b.template(quasis, expressions)));
state.template.push(t_expression(b.template(quasis, expressions), true));
}
for (let i = 0; i < nodes.length; i += 1) {

@ -12,6 +12,7 @@ import type { ComponentAnalysis } from '../../types.js';
export type TemplateExpression = {
type: 'expression';
value: Expression;
needs_escaping: boolean;
};
export type TemplateString = {

@ -0,0 +1,5 @@
import { test } from '../../test';
export default test({
html: `s s s \\u73`
});

@ -0,0 +1,5 @@
{@html `\u{73}`}
{@html '\u{73}'}
{@html "\u{73}"}
\u{73}
Loading…
Cancel
Save