juice icon indicating copy to clipboard operation
juice copied to clipboard

Published 20 hours ago verified publisher icon Automattic

Custom attributes and single quotes aren't converted properly

Open WayneUong opened this issue 7 years ago • 3 comments

data-sheets-userformat='{"2":5059,"3":[null,0],"4":[null,2,15389148],"9":1,"10":1,"11":4,"12":0,"15":"Calibri"}' and style='font-family: "Times New Roman"' are converted into: data-sheets-userformat="{"2":5059,"3":[null,0],"4":[null,2,15389148],"9":1,"10":1,"11":4,"12":0,"15":"Calibri"}" and style="font-family: "Times New Roman""

The single quotes ' are converted into double quotes ", which break the html.

WayneUong avatar Sep 04 '17 17:09 WayneUong

I have a feeling this is happening in one of the dependencies juice uses, but I agree this is a problem. A PR to fix this would be most welcome.

jrit avatar Dec 29 '17 21:12 jrit

@WayneUong

sanitize the html beforehand: https://github.com/punkave/sanitize-html

e.g., before: screen shot 2018-02-20 at 2 12 05 pm

after: screen shot 2018-02-20 at 2 11 59 pm

bewallyt avatar Feb 20 '18 20:02 bewallyt

This is especially egregious in Chrome. See https://codesandbox.io/s/elated-goodall-d3h8eb?file=/src/index.js.

const app = document.getElementById("app");

app.style.fontFamily = "Segoe UI, Arial, sans-serif";

var juice = require("juice");
var result = juice(`
<style>div{color:red;}</style>
${app.outerHTML}
`);

console.log(result);

This results in a font family of &quot; undefined: SegoeUI&quot; undefined: ,Arial,sans-serif;.

caseyjhol avatar May 06 '22 22:05 caseyjhol