Open
Hello!
Thank you for this great library!
However, I'm building HTML messages with Fluent and I need to insert user-generated content into the final messages using placeables. The thing is that the user could provide values containing HTML, which could break the final markup or could even be dangerous. All templating systems allow escaping values passed to the templates. It would be great if Fluent had such functionality as well.
E.g.:
new FluentBundle('en', {
  transformPlaceable: value => escapeHtml(value),
});
Fluent bundle has a transform option, but it receives everything, but not the values.
I know I can escape the values before passing them to Fluent, but having it at the Fluent level will be more convenient and will better mimic how templating systems work.
What do you think? Thanks!
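The workaround mentioned in the post (escaping values before they reach Fluent), as an added example that is not part of the original issue or of Fluent's own code. `escapeHtml`, `escapeArgs`, `formatHtml` and `demoBundle` are hypothetical names, and `demoBundle` is a constructed stand-in that mimics only the `getMessage`/`formatPattern` shape of a real `FluentBundle`.

```javascript
// Escape the characters that matter in HTML text and quoted attribute values.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, ch => HTML_ESCAPES[ch]);
}

// Escape only string arguments. Numbers and Dates pass through untouched so
// the bundle can still format them and use them in plural selectors.
function escapeArgs(args = {}) {
  const safe = {};
  for (const [name, value] of Object.entries(args)) {
    safe[name] = typeof value === 'string' ? escapeHtml(value) : value;
  }
  return safe;
}

// Format a message whose translation may carry trusted markup, escaping the
// untrusted values before they are handed to the bundle.
function formatHtml(bundle, id, args) {
  const message = bundle.getMessage(id);
  if (!message || !message.value) throw new Error(`Missing message: ${id}`);
  const errors = [];
  const html = bundle.formatPattern(message.value, escapeArgs(args), errors);
  if (errors.length > 0) throw errors[0]; // fail closed on formatting errors
  return html;
}

// Constructed stand-in for a FluentBundle: handles only "{ $name }" placeables.
const demoBundle = {
  messages: { welcome: 'Hello, <b>{ $name }</b>! You have { $count } new messages.' },
  getMessage(id) {
    return Object.hasOwn(this.messages, id) ? { value: this.messages[id] } : undefined;
  },
  formatPattern(pattern, args, errors) {
    return pattern.replace(/\{ \$(\w+) \}/g, (_, name) => {
      if (Object.hasOwn(args, name)) return String(args[name]);
      errors.push(new ReferenceError(`Unknown variable: $${name}`));
      return `{ $${name} }`;
    });
  },
};

// Constructed sample input: a user-supplied name that contains markup.
function demo() {
  return formatHtml(demoBundle, 'welcome', { name: '<script>alert(1)</script>', count: 3 });
}
```

The translation's own `<b>` tag survives while the value is rendered inert; the escaping covers element content and quoted attribute values only, not URL, script or style contexts.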