llogiq / flame

An intrusive flamegraph profiling tool for rust.
Apache License 2.0
694 stars 30 forks

Missing escaping in dump_html #51

Open alvinlindstam opened 4 years ago

alvinlindstam commented 4 years ago

It appears like flame::dump_html writes JSON data to a script tag in the generated HTML file, without doing JSON or HTML escaping. That means that the generated page could be unable to load due to syntax errors or get incorrect values.

Trying out the flamegraph in https://github.com/RustPython/RustPython, I got syntax errors in the generated data such as:

```
{
    name: "init VirtualMachine",
    value: 307664657,
    start: 80780829,
    end: 388445486,
    children: [
        {
            name: "call_method("__setattr__")",
            value: 195873,
            start: 80813067,
            end: 81008940,
            children: [
                {
```

The flamegraph had spans named call_method("__setattr__"), where the quotes would have to be escaped in order to be put in a JavaScript/JSON string.
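An added example, not code from flame or from this thread, of the escaping the report describes: span names are quoted as JavaScript string literals, and `<`, `>` and `&` are written as `\uXXXX` so a name cannot terminate the surrounding script tag. The `Span` struct and the `js_string` and `render` functions are hypothetical and only mirror the field names in the generated data quoted above.

```rust
use std::fmt::Write;

/// Hypothetical span record; field names follow the generated data quoted above.
struct Span { name: String, value: u64, start: u64, end: u64, children: Vec<Span> }

/// Quote `s` as a JavaScript string literal that is safe inside an inline <script> block.
fn js_string(s: &str) -> String {
    let mut out = String::with_capacity(s.len() + 2);
    out.push('"');
    for c in s.chars() {
        match c {
            '"' => out.push_str("\\\""),
            '\\' => out.push_str("\\\\"),
            '\n' => out.push_str("\\n"),
            '\r' => out.push_str("\\r"),
            '\t' => out.push_str("\\t"),
            // '<', '>' and '&' are escaped so the data cannot close the script element
            // or open an HTML comment; U+2028/U+2029 end a line in older JS engines.
            '<' | '>' | '&' | '\u{2028}' | '\u{2029}' => {
                write!(out, "\\u{:04x}", c as u32).unwrap()
            }
            // Remaining control characters are not allowed raw in a string literal.
            c if (c as u32) < 0x20 => write!(out, "\\u{:04x}", c as u32).unwrap(),
            c => out.push(c),
        }
    }
    out.push('"');
    out
}

/// Render one span and its children as a JavaScript object literal.
fn render(span: &Span) -> String {
    let children: Vec<String> = span.children.iter().map(render).collect();
    format!(
        "{{name: {}, value: {}, start: {}, end: {}, children: [{}]}}",
        js_string(&span.name), span.value, span.start, span.end, children.join(", ")
    )
}

fn main() {
    // Constructed sample reusing the span names and numbers from the report.
    let child = Span { name: "call_method(\"__setattr__\")".into(), value: 195873,
                       start: 80813067, end: 81008940, children: vec![] };
    let root = Span { name: "init VirtualMachine".into(), value: 307664657,
                      start: 80780829, end: 388445486, children: vec![child] };
    println!("{}", render(&root));
}
```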

llogiq commented 4 years ago

Thanks for letting us know. It'll be a while before I can look into this, but I'll gladly accept PRs.