escaping of ' - Githubissues

dasch-swiss / beol

Bernoulli-Euler OnLine

https://beol.dasch.swiss

GNU Affero General Public License v3.0

0 stars 1 forks source link

escaping of ' #52

Closed SepidehAlassi closed 5 years ago

SepidehAlassi commented 6 years ago

with new GUI, some of the characters are not escaped correctly. For example ' which is for single quote. It is used in the comment of Edited Book which has BEOL-IDs="fussphbied"

In beta release it is rendered correctly and comment is

Imprimerie de l'Académie Impériale des Sciences
in new GUI, ' is not rendered correctly, see here where comment reads

Imprimerie de l'Académie Impériale des Sciences

Apparently 'is not part of the HTML 4 standard, can that be the reason it is not rendered correctly anymore with new GUI? are we using HTML 4 now? 'is valid in HTML 5 though!

tobiasschweizer commented 6 years ago

I think I know why: it should be rendered with the component ReadTextValueAsHTML

SepidehAlassi commented 6 years ago

@tobiasschweizer is it easy to fix? This character is used in many places.

tobiasschweizer commented 6 years ago

I think so, yes. We will have a look!

tobiasschweizer commented 6 years ago

I believe the reason is that Angular escapes HTML if it is not assigned to the innerHTML property of the containing element.

flavens commented 6 years ago

@SepidehAlassi should this "comment" property be treated as HTML text only in biblio or is there an other comment property with the same issue (like in Person)?

SepidehAlassi commented 6 years ago

@flavens fulltext search of it shows that ' appears just in biblio items. So your fix to biblio-items-component should fix all the occurrences.

SepidehAlassi commented 6 years ago

@flavens you should apply the same change to comment of person too, since there are problems with other HTML characters used in comments of persons, see error in comment

SepidehAlassi commented 5 years ago

@tobiasschweizer same issue appears again after your recent merge on develope

tobiasschweizer commented 5 years ago

@SepidehAlassi Could you give me an example so I can check? I already use the new import data from last week.

tobiasschweizer commented 5 years ago

I think I figured out what the problem is:

"biblio:publicationHasTitle" : {
    "@id" : "http://rdfh.ch/0801/Ad0leUe4SSavG8MUAv2_PQ/values/NG-BFbYrQvGNpnOAeghEGQ",
    "@type" : "knora-api:TextValue",
    "knora-api:attachedToUser" : {
      "@id" : "http://rdfh.ch/users/PSGbemdjZi4kQ6GHJVkLGE"
    },
    "knora-api:hasPermissions" : "CR knora-base:Creator|M knora-base:ProjectMember|V knora-base:KnownUser|RV knora-base:UnknownUser",
    "knora-api:valueAsString" : "Correspondance mathématique et physique de quelques célèbres géomètres du XVIIIème siècle, précédée d&apos;une notice sur les travaux de Léonard Euler, tant imprimés qu&apos;inédits"
  },

The text value is a mere string, no markup (or standoff) is involved. So it is directly displayed as a string in the template. But the string contains the HTML entity ' which is only displayed correctly if the content is injected into the DOM (otherwise it is escaped). This only happens for the property knora-api:textValueAsHtml.

Could you avoid using entities in the string? What about &?

tobiasschweizer commented 5 years ago

in the beol app, there is a component ReadTextValueComponent that delegates each TextValue depending on the property that is used:

<span [ngSwitch]="valueObject.getClassName()">

    <kui-text-value-as-string *ngSwitchCase="KnoraConstants.ReadTextValueAsString"
                              [valueObject]="valueObject">
    </kui-text-value-as-string>

    <kui-text-value-as-xml *ngSwitchCase="KnoraConstants.ReadTextValueAsXml"
                              [valueObject]="valueObject">
    </kui-text-value-as-xml>

    <read-text-value-as-html *ngSwitchCase="KnoraConstants.ReadTextValueAsHtml"
                             [valueObject]="valueObject"
                             [ontologyInfo]="ontologyInfo"
                             [bindEvents]="bindEvents">
    </read-text-value-as-html>

</span>

SepidehAlassi commented 5 years ago

sorry closed it by mistake

tobiasschweizer commented 5 years ago

kui-text-value-as-string should convert characters if needed so they can be displayed correctly. If a string contains a &, the corresponding entity has to be used in HTML.

I think everything should be inserted into the DO to make that work.

SepidehAlassi commented 5 years ago

@SepidehAlassi Could you give me an example so I can check? I already use the new import data from last week.

Journal article with BEOL-IDs: landerbkgg

tobiasschweizer commented 5 years ago

kui-text-value-as-string should use ~~escape (https://www.w3schools.com/jsref/jsref_escape.asp)~~ convert chars into HTML entities if necessary and then assign it to the DOM.

tobiasschweizer commented 5 years ago

this has to be done in https://github.com/dhlab-basel/Knora-ui/issues/138

SepidehAlassi commented 5 years ago

@tobiasschweizer Do I get what you say right? you mean the converted data should not contain any HTML characters like that of & but should contain & as simple string? If & is not replaced by its html character in the text it causes errors in the validation of xml and bulk import.

tobiasschweizer commented 5 years ago

Ah, I see. Using the bulk import, you have to represent a & as &. I believe we solved that problem for standoff. But in case there is no markup, the string is saved as it is.

tobiasschweizer commented 5 years ago

so a & should be saved as one character.

SepidehAlassi commented 5 years ago

yes, it makes problem with bulk import. These cases do not have any markup, therefore they are stored as simple text.

tobiasschweizer commented 5 years ago

https://github.com/dhlab-basel/Knora/issues/1105

tobiasschweizer commented 5 years ago

@SepidehAlassi Can we close this, too?

SepidehAlassi commented 5 years ago

yes!