Open eddysims opened 3 months ago
Known issue, getting fixed soon 🙏 It's a platform thing. The platform was putting them there to avoid XSS attacks in the case the JSON was dumped in an HTML document.
e.g.
{
"thing": "</script><script>console.log('hello world');</script>"
}
<html>
<script type="application/json">
{
"thing": "</script><script>console.log('hello world');</script>"
}
</script>
</html>
That would actually run the code in the JSON document here. The fix? Backslash all the /
in the JSON doc so that the script can't run when dumped in the HTML doc.
{
"thing": "<\/script><script>console.log('hello world');<\/script>"
}
<html>
problem solved!
<script type="application/json">
{
"thing": "<\/script><script>console.log('hello world');<\/script>"
}
</script>
</html>
Thing is, most of our "platform JSON" docs you can't dump directly into your HTML docs, so it's an unnecessary precaution. But we gotta do it carefully.
Closing as duplicate
@charlespwd I see you closed this as duplicate. Do you have a reference to another place I can follow along with this?
It's an internal issue. Afraid I can't. This is a platform bug :/ the prettier plugin is working as intended 😅
It is on our roadmap to fix this though. You're definitely not the only one annoyed by that.
Hey @charlespwd , so it's completely fine to let prettier format the json file (unescaping forward dashes) when working with local themes, right?
@charlespwd Thank you for the update
Wish this wasn't closed. Had the same issue, took a while to find this because it wasn't listed as an open issue.
Even if Shopify has an internal issue to track this, it's helpful to keep it open for the general public to track until it is fixed.
Fair!
Describe the bug
When using the shopify github integration, I am getting back file urls as an escaped string. Then when running prettier, it is removing the
\
from the url.Unformatted source
Expected output
Actual output
Debugging information
Additional context
Here is my prettier config: