Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Escape HTML entities in endpoint names #374 #1119

Merged
merged 2 commits into from
Oct 23, 2019
Merged

Escape HTML entities in endpoint names #374 #1119

merged 2 commits into from
Oct 23, 2019

Conversation

peterdemin
Copy link
Contributor

URL names (for stats) were not HTML-escaped in the dashboard.
This made names with angle brackets disappear. For example:

self.client.get(url, name='/some-resource/upload/<uuid>')

would show up as /some-resource/upload/ instead of /some-resource/upload/<uuid> which is confusing.

I added new key to /stats/request - "safe_name" - so that escaping
is on the server side and javascript has less logic.

Escape HTML entities in endpoint names locustio#374
7e0d71c 
URL names (for stats) were not HTML-escaped in the dashboard.
This made names with angle brackets disappear. For example:

```
self.client.get(url, name='/some-resource/upload/<uuid>')
```

would show up as `/some-resource/upload/` instead of `/some-resource/upload/<uuid>` which is confusing.

I added new key to /stats/request - "safe_name" - so that escaping
is on the server side and javascript has less logic.
@peterdemin peterdemin mentioned this pull request Oct 23, 2019
Closed
@cyberw
Copy link
Collaborator

cyberw commented Oct 23, 2019

Awesome! Looks like it has issues in Python 2.7 though... "ImportError: No module named html"

@cyberw cyberw mentioned this pull request Oct 23, 2019
Closed
fix Python 2 compatibility
639ddd2 
Actually cgi.escape is still available in Python3.7, but is deprecated.
So going forward, it's safer to import escape from html.

I disabled escaping quotes (quote=False) for consistency and because
it's not needed for this purpose.
@codecov
Copy link

codecov bot commented Oct 23, 2019
edited
Loading

Codecov Report

Merging #1119 into master will increase coverage by 0.06%.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #1119      +/-   ##
==========================================
+ Coverage   72.69%   72.75%   +0.06%     
==========================================
  Files          18       18              
  Lines        1765     1769       +4     
  Branches      262      262              
==========================================
+ Hits         1283     1287       +4     
  Misses        420      420              
  Partials       62       62
Impacted Files Coverage Δ
locust/web.py 81.96% <100%> (+0.61%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7492bb6...639ddd2. Read the comment docs.

@peterdemin
Copy link
Contributor Author

Ah, I forgot to check if Python 2.7 is still supported. BTW, what are the plans on dropping Python 2.7 support?

@cyberw
Copy link
Collaborator

cyberw commented Oct 23, 2019

Hopefully soon, IMHO :) thanks for your contribution!

@cyberw cyberw merged commit abd8052 into locustio:master Oct 23, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@peterdemin @cyberw