Vincit / venia

Clojure(Script) graphql query generation
Eclipse Public License 1.0
197 stars 20 forks source link

Incorrect parsing of quotes in strings #29

Open gaverhae opened 6 years ago

gaverhae commented 6 years ago
(venia.core/graphql-query {:venia/queries [[:q {:arg "he\"llo"} [:prop]]]})
;=> "{q(arg:\"he\"llo\"){prop}}"

I would expect the literal quote in the string to be escaped. The return value in this case is not a valid GraphQL query.

I'm not familiar enough with the GraphQL spec to know if there are other characters that need to be escaped.

gaverhae commented 6 years ago

If it's any help, in my case I've solved it with:


(ns ...
  (:require [clojure.walk :as walk]
            [clojure.string :as string]
            [venia.core :as v]))

;; [...]

(defn ->queries [& queries]
  (let [sanitized-queries (walk/postwalk (fn [v] (if (string? v)
                                                   (string/escape v {\" "\\\""})
                                                   v))
                                         queries)]
    (v/graphql-query {:venia/queries sanitized-queries})))
xfthhxk commented 6 years ago

I ran into this also. PR #31 addresses this.