Escape translation string injections to JS files.

Voog / design-longyearbyen

Longyearbyen design for Voog

0 stars 0 forks source link

Open kaspar-naaber opened 7 years ago

kaspar-naaber commented 7 years ago

If translation string contains single quotes it will break the JS code (problem exists in Nederlands language).

kaspar-naaber commented 6 years ago

For example the following injection...

site.bindContentItemImgDropAreas('{{ "drag_picture_for_product_here" | lc }}');

..should be escaped like this:

site.bindContentItemImgDropAreas('{{ "drag_picture_for_product_here" | lc | escape }}');