[wp-trac] [WordPress Trac] #20491: Introduce some JavaScript i18n functions
WordPress Trac
noreply at wordpress.org
Mon Oct 10 19:56:00 UTC 2016
#20491: Introduce some JavaScript i18n functions
--------------------------------------+-----------------------------
Reporter: johnbillion | Owner: swissspidy
Type: enhancement | Status: assigned
Priority: normal | Milestone: Future Release
Component: I18N | Version:
Severity: normal | Resolution:
Keywords: has-patch has-unit-tests | Focuses: javascript
--------------------------------------+-----------------------------
Comment (by jdgrimes):
I'm not sure that the escaping functions really make sense in JS. They
don't really have a practical use, as far as I can see. Unless you are
building HTML from strings via concatenation, which is generally
considered a bad practice, I think, due to the greater potential for
security issues.
In other words, I'd never do this:
{{{#!js
$el.html( '<div title=' + wp.i18n.esc_attr__( 'Hello World' ) + '"></div>'
);
}}}
Instead I'd do this:
{{{#!js
$el.html( $( '<div></div>' ).attr( 'title', wp.i18n.__( 'Hello World' ) )
);
}}}
No need to use `esc_attr__()`. Of course, the other way is just as safe if
the escaping function is used, but it encourages developers to follow a
pattern that in other circumstances could be very bad. (Especially
considering that there isn't a generic `esc_html()` or `esc_attr()`.)
Otherwise, really looking forward to this. :-)
--
Ticket URL: <https://core.trac.wordpress.org/ticket/20491#comment:53>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list