URL in parameter shouldn't be escaped
piotr-yuxuan opened this issue · 5 comments
According to the doc:
Creates a URI instance from a variable list of arguments and an optional parameter map as the last argument. For example:
(url "/group/" 4 "/products" {:page 9})
=> "/group/4/products?page=9"So I did:
(hiccup.core/html
[:div [:script {:type "application/javascript"
:src (hiccup.util/url "/group/" 4 "/products"
{:page 9 :num_ber 3})}]])
;; => "<div><script src=\"/group/4/products?page=9&num_ber=3\" type=\"application/javascript\"></script></div>"This is with [hiccup "1.0.5"] as shown in the README.md. I've had some attempts with hiccup2 alpha2, to no avails.
Any suggestion?
Why do you think attributes shouldn't contain character entities?
How can you provide a URL with query parameters without plain & as a separator?
Example: key=value&other-key=value
Thanks you very much for your so prompt reply, I do appreciate it ;-) I've been stumbling upon this annoying behaviour for some time.
Exemple with hiccup2:
(hiccup2.core/html {:mode :html
:escape-strings? false}
[:div
[:script {:type "application/javascript"
:src (hiccup2.core/raw "/group/4/products?page=9&num_ber=3")}]])
;; => #object[hiccup.util.RawString
;; 0x77ac2e08
;; "<div><script src=\"/group/4/products?page=9&num_ber=3\" type=\"application/javascript\"></script></div>"]How can you provide a URL with query parameters without plain
&as a separator?
You use &, as Hiccup does. Character entities in attributes are resolved when rendering the page, so this link:
<a href="http://example.com/search?q=foo&page=1">foo</a>Will link to http://example.com/search?q=foo&page=1.
You can also use & directly, but you need to ensure that you don't accidentally include a character entity. Overall it's safer just to escape all unsafe characters as the browser will resolve them when the DOM is parsed.
👍