search

pelme / htpy

Generate HTML in Python
http://htpy.dev
MIT License
261 stars 11 forks source link

Markup is not respected. #21

Closed zulqasar closed 5 months ago

zulqasar commented 6 months ago

First and foremost, THANKS for this awesome library.

I am having trouble with Markup. Am I missing out on something?

import htpy as h
from markupsafe import Markup

script = Markup("""
    let editing = document.querySelector('.editing')
""")

btn = h.button(on_click=script)["edit"]

print('script: ', script)
print('btn: ', btn)

>>> script:  let editing = document.querySelector('.editing')
>>> btn:  <button on-click="let editing = document.querySelector(&#39;.editing&#39;)">edit</button>
pelme commented 6 months ago

This may be a bit confusing at first, but attributes are always escaped, regardless of whether or not it contains markup. This is a feature and this allows you to actually pass HTML fragments or script fragments.

Consider this htpy code:

button(onclick="let name = 'andreas'; alert('hi' + name);")["Say hi"]

The value of the attributes is escaped with &#39; to avoid breaking the quotes. The browser understands that and parses it as the proper quotes so it all works:

image

I realized that this behavior is not documented, will add a note to the docs about it!

zulqasar commented 6 months ago

Thanks for the quick reply. It addresses my concerns.

pelme commented 6 months ago

Reopening this issue until it's documented properly 🙂