Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Minor syntax bug when using quotes in the app's name #1876

Open
Malasaur opened this issue Jun 16, 2024 · 1 comment
Open

Minor syntax bug when using quotes in the app's name #1876

Malasaur opened this issue Jun 16, 2024 · 1 comment
Labels
android The issue relates to Android mobile support. bug A crash or error in behavior. good first issue Is this your first time contributing? This could be a good place to start!

Comments

@Malasaur
Copy link

Describe the bug

I've just noticed that if you create an app and include a quote in the name ('), briefcase does not escape it inside the settings.gradle file. Nothing very concerning, just a bit misleading for people who may not know about this kinda stuff

Steps to reproduce

  1. Create a new app with briefcase
  2. Include ' inside the name, e.g. "John Doe's amazing application"
  3. Build it for Android
  4. See error
    Why does writing this feel like greentext?

Expected behavior

I expected it to compile without errors. lol

Screenshots

No response

Environment

Like, are these really needed?

  • Operating System: Endeavour OS
  • Python version: 3.12.3
  • Software versions:
    • Briefcase: 0.3.19
    • Toga: 0.4.5

Logs

No response

Additional context

No response
@Malasaur Malasaur added the bug A crash or error in behavior. label Jun 16, 2024
@freakboy3742 freakboy3742 added the android The issue relates to Android mobile support. label Jun 17, 2024
@freakboy3742
Copy link
Member

Thanks for the report. This is a class of problem we've been slowly squashing over time; See #905, #1746, and some others.

If you're interested in trying your hand at fixing this, the history and linked issues for #1746 are a good point of comparison.

The fix for this comes in 2 parts.

The first part is that we need to modify the briefcase-android-gradle-template so that anywhere user-generated content is inserted, it is appropriately escaped.

The second part is that we need an appropriate escape filter. We have escaping filters for XML, TOML and PLIST; we clearly need one for gradle as well. This will likely be structurally similar to the TOML filter, except that it's the ' character that needs escaping.

It would also be worth auditing all the other places that user-generated content is being inserted. Based on a quick inspection, it looks like an app with a formal name or app name that contains < or > will likely cause issues, as they need to be escaped in strings.xml. Anywhere that a {{ cookiecutter.something }} value is inserted in a template, we should be ensuring that the right escaping is occurring. Unless the value is intended as a template insertion (e.g., android_manifest_activity_attrs_extra_content), all user-provided content should be escaped.

@freakboy3742 freakboy3742 added the good first issue Is this your first time contributing? This could be a good place to start! label Jun 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
android The issue relates to Android mobile support. bug A crash or error in behavior. good first issue Is this your first time contributing? This could be a good place to start!
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@freakboy3742 @Malasaur