Project

General

Profile

Actions
Copy link

Task #102207

closed

Escape dynamic values in selector queries

Added by Benjamin Franzke about 1 year ago. Updated 10 months ago.

Status:
Closed
Priority:
Should have
Assignee:
Benjamin Franzke
Category:
Backend JavaScript
Target version:
Candidate for patchlevel
Start date:
2023-10-19
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
12
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

Whenever dynamic data is passed to query selectors, it needs to be escaped.

Example for a wrong example:

const baz = readFromSomeDynamicData(),
const foo = document.querySelector('foo[bar="' + baz + '"]');

Better/Correct:

const baz = readFromSomeDynamicData(),
const foo = document.querySelector('foo[bar="' + CSS.escape(baz) + '"]');

Ideal/Desired would be to use a string literal for syntax sugar reasons:

const baz = readFromSomeDynamicData(),
const foo = document.querySelector(selector`foo[bar="${baz]"]`);
Actions
Copy link
 #1

Updated by Gerrit Code Review about 1 year ago

  • Status changed from New to Under Review

Patch set 2 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81477

Actions
Copy link
 #2

Updated by Gerrit Code Review about 1 year ago

Patch set 3 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81477

Actions
Copy link
 #3

Updated by Gerrit Code Review about 1 year ago

Patch set 4 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81477

Actions
Copy link
 #4

Updated by Gerrit Code Review about 1 year ago

Patch set 5 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81477

Actions
Copy link
 #5

Updated by Gerrit Code Review about 1 year ago

Patch set 6 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81477

Actions
Copy link
 #6

Updated by Gerrit Code Review about 1 year ago

Patch set 7 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81477

Actions
Copy link
 #7

Updated by Gerrit Code Review about 1 year ago

Patch set 8 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81477

Actions
Copy link
 #8

Updated by Gerrit Code Review about 1 year ago

Patch set 9 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81477

Actions
Copy link
 #9

Updated by Gerrit Code Review about 1 year ago

Patch set 10 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81477

Actions
Copy link
 #10

Updated by Gerrit Code Review about 1 year ago

Patch set 1 for branch 12.4 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/81592

Actions
Copy link
 #11

Updated by Anonymous about 1 year ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions
Copy link
 #12

Updated by Benni Mack 10 months ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF