fix(common): escape anchor for some anchors containing characters whi… #28193
Conversation
…ch is used for CSS
If there are some characters('.', ':', '>', etc.) which are for a part
of CSS selector in the anchor string, document.querySelector() throw
an error like below:
> ERROR DOMException: Failed to execute 'querySelector'
> on 'Document': '#fn:1' is not a valid selector.
So it should be escaped.
| @@ -105,6 +105,7 @@ export class BrowserViewportScroller implements ViewportScroller { | |||
| * @param anchor The ID of the anchor element. | |||
| */ | |||
| scrollToAnchor(anchor: string): void { | |||
| anchor = CSS.escape(anchor); | |||
There was a problem hiding this comment.
This doesn't work in all Angular supported browsers. Check the link you referenced for browser support
There was a problem hiding this comment.
Also this doesn't seem to be a role of Scroller, if Router allows special characters in fragment, then itself should handle the escaping (or just filter out invalid fragments).
There was a problem hiding this comment.
Agreed. I don't think this should be added to the Scroller. We assume a properly formatted anchor value for the platform you're on here.
jasonaden
added
the
area: common
|
I like the idea on this, however, I think the right answer here is for any application with this problem to provide their own Thoughts? |
When an anchor scroll happens, we run document.querySelector. This value can be taken directly from the user. Therefore it's possible to throw an error on scrolling, which can cause the application to fail. This PR escapes the selector before using it. Related to angular#28193 [Internal discussion](https://groups.google.com/a/google.com/forum/#!topic/angular-users/d82GHfmRKLc)
|
Thanks for this PR. I'm going to go ahead and close this one since I created a new one that has a backup for when |
When an anchor scroll happens, we run document.querySelector. This value can be taken directly from the user. Therefore it's possible to throw an error on scrolling, which can cause the application to fail. This PR escapes the selector before using it. Related to #28193 [Internal discussion](https://groups.google.com/a/google.com/forum/#!topic/angular-users/d82GHfmRKLc) PR Close #29577
When an anchor scroll happens, we run document.querySelector. This value can be taken directly from the user. Therefore it's possible to throw an error on scrolling, which can cause the application to fail. This PR escapes the selector before using it. Related to #28193 [Internal discussion](https://groups.google.com/a/google.com/forum/#!topic/angular-users/d82GHfmRKLc) PR Close #29577
…r#29577) When an anchor scroll happens, we run document.querySelector. This value can be taken directly from the user. Therefore it's possible to throw an error on scrolling, which can cause the application to fail. This PR escapes the selector before using it. Related to angular#28193 [Internal discussion](https://groups.google.com/a/google.com/forum/#!topic/angular-users/d82GHfmRKLc) PR Close angular#29577
|
This issue has been automatically locked due to inactivity. Read more about our automatic conversation locking policy. This action has been performed automatically by a bot. |
…ch is used for CSS
If there are some characters('.', ':', '>', etc.) which are for a part
of CSS selector in the anchor string, document.querySelector() throw
an error like below:
So it should be escaped.
Ref: https://developer.mozilla.org/en-US/docs/Web/API/CSS/escape#In_context_uses
PR Type
What kind of change does this PR introduce?
What is the current behavior?
Issue Number: N/A
What is the new behavior?
Does this PR introduce a breaking change?
Other information