xh / hoist-core

🏗️ The XH Hoist toolkit for Grails
https://xh.io/
Apache License 2.0

Tracking log entry will print encoded characters #228

Open febbraiod opened 2 years ago

febbraiod commented 2 years ago
Screen Shot 2021-12-08 at 5 29 54 PM

In the client app, the tracking args are passed from the client via a promise chain with a call to .track().

The ampersand is part of the category field and I see it properly in the headers if I look at the network tab (i.e. NOT encoded).

amcclain commented 2 years ago

@cnrudd would you be able to take a look here? Note that the fix might be in hoist-core.

lbwexler commented 2 years ago

This is in fact in Hoist Core -- see:

https://github.com/xh/hoist-core/blob/821efc9ab769e65ea6d0ccb0f2da0144c8afa700/grails-app/controllers/io/xh/hoist/impl/XhController.groovy#L288

Moving to that project

lbwexler commented 2 years ago

Realize we discussed this, and perhaps even this very URL, but putting it here for reference, as it's very helpful for me in thinking about this: https://benhoyt.com/writings/dont-sanitize-do-escape/

Wondering if we can reconsider this, and look toward doing this particular sanitization where we display. React should handle it, and so should our store/ag-Grid assembly.

Realize this has all come up -- thought it might be worth revisiting in the context of this particular bug.
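
Added example, not code from hoist-core or from any commenter: the JavaScript below contrasts encoding a tracking entry once on input with storing it raw and escaping per output sink, the approach the linked article argues for. It assumes the server HTML-encodes tracking fields on input (the page does not show that code); all function names and sample values are constructed for illustration.

```javascript
// Added illustration: names and sample values are constructed, not hoist-core code.
const HTML_ENTITIES = {'&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;'};

// Encoder for the HTML sink.
function escapeHtml(s) {
    return String(s).replace(/[&<>"']/g, c => HTML_ENTITIES[c]);
}

// Encoder for the log sink: render control characters (CR, LF, ...) visibly
// so one value always stays on one log line.
function escapeLog(s) {
    return String(s).replace(/[\x00-\x1f\x7f]/g,
        c => '\\x' + c.charCodeAt(0).toString(16).padStart(2, '0'));
}

// Pattern A (assumed current behaviour): HTML-encode on input, reuse everywhere.
function trackSanitizeOnInput(entry) {
    const stored = {category: escapeHtml(entry.category), msg: escapeHtml(entry.msg)};
    return {
        stored,
        logLine: `category=${stored.category} | msg=${stored.msg}`,
        // A view that escapes on render (as React does) encodes a second time.
        html: `<td>${escapeHtml(stored.category)}</td>`
    };
}

// Pattern B: store the raw value, apply the encoder that matches each sink.
function trackEscapeOnOutput(entry) {
    const stored = {category: entry.category, msg: entry.msg};
    return {
        stored,
        logLine: `category=${escapeLog(stored.category)} | msg=${escapeLog(stored.msg)}`,
        html: `<td>${escapeHtml(stored.category)}</td>`
    };
}

// Constructed sample: an ampersand in the category, markup and a line break in the message.
const sample = {category: 'Trades & Orders', msg: 'Viewed <b>blotter</b>\nline two'};
const a = trackSanitizeOnInput(sample);
const b = trackEscapeOnOutput(sample);
console.log('A log :', JSON.stringify(a.logLine));
console.log('A html:', a.html);
console.log('B log :', JSON.stringify(b.logLine));
console.log('B html:', b.html);
```

Pattern A reproduces the symptom in the issue title (entities in the log line) and double-encodes in an escaping view; pattern B keeps the log readable while the HTML sink is still escaped.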