formatMessage and html-formatting #60

@sigmunau

I often find myself wanting to include a string with some formatting into a translated sentence. E.g. "The user Sigmund performed this commit"

Looking at the source code, it seems formatMessage always performs html-escape (unless you hit the precompiled format optimization which doesn't and is probably a security issue...)

Recent versions of dustjs-linkedin allow you to return data from a helper and utilize the dustjs filters to do escaping. With this approach the following diff:

diff --git a/src/helpers.js b/src/helpers.js
index 2037abd..cc69305 100644
--- a/src/helpers.js
+++ b/src/helpers.js
@@ -240,14 +240,12 @@ function registerWith (dust) {

         // optimization for messages that have already been compiled
         if ('object' === typeof msg && 'function' === typeof msg.format) {
-            chunk.write(msg.format(params));
-            return chunk;
+            return msg.format(params);
         }

         formatOptions = contextGet(context, ['intl', 'formats']);
         locales = getLocales(chunk, params, context);
         formatter = getMessageFormat(msg, locales, formatOptions);
-        chunk.write(dust.escapeHtml(formatter.format(params)));
-        return chunk;
+        return formatter.format(params);
     }
 }
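Review bot: In the second branch, `return formatter.format(params)` drops the `dust.escapeHtml` call, so the helper no longer escapes anything itself and output safety rests entirely on whatever filter is applied to the returned value. Once a template opts out of that filter, the whole formatted string is emitted raw, params included, and there is no way to escape only the untrusted params. Consider escaping param values inside the helper before formatting, or document that opting out is only safe when every param is trusted. The precompiled branch goes from an unescaped `chunk.write(msg.format(params))` to a returned value, which deserves a test asserting that its output is escaped by default.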

will allow formatMessage to be used like this:

{@formatMessage _key="mystring" user="<strong>Sigmund</strong>" filters="|u"/>

If filters are not set the default is still to html-escape, so it should be backwards compatible with existing templates.
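The trade-off in the proposal above, as an added example that is not part of the original issue or of the project's code: switching escaping off for the whole output also switches it off for every param, while escaping each param value first and wrapping it in a fixed tag keeps the formatting and the protection. `escapeHtml`, `format` and the three `render*` functions are hypothetical stand-ins written for this illustration, not the dust or dust-intl API, and the sample data is constructed.

```javascript
// Stand-in for dust.escapeHtml (hypothetical minimal version).
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Stand-in for a compiled message: replaces {name} placeholders only.
function format(message, params) {
  return message.replace(/\{(\w+)\}/g, (m, key) =>
    Object.prototype.hasOwnProperty.call(params, key) ? String(params[key]) : m);
}

// Default behaviour: the whole formatted string is escaped.
function renderEscaped(message, params) {
  return escapeHtml(format(message, params));
}

// Behaviour with escaping switched off (filters="|u"): nothing is escaped.
function renderUnescaped(message, params) {
  return format(message, params);
}

// Alternative: escape every param value, then wrap the params named in
// `markup` in a fixed, trusted tag. The message string itself is trusted.
function renderWithMarkup(message, params, markup) {
  const safe = {};
  for (const [key, value] of Object.entries(params)) {
    const escaped = escapeHtml(value);
    const tag = markup[key];
    safe[key] = tag ? `<${tag}>${escaped}</${tag}>` : escaped;
  }
  return format(message, safe);
}

// Constructed sample data: `user` is assumed to come from an untrusted source.
const message = 'The user {user} performed this commit';
const hostile = { user: '<script>alert(1)</script>' };

console.log(renderEscaped(message, hostile));    // markup shown as text
console.log(renderUnescaped(message, hostile));  // script tag reaches the page
console.log(renderWithMarkup(message, hostile, { user: 'strong' }));
```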
