fix(template-compiler): escape attribute names (#4499)

Author: nolanlawson

packages/@lwc/integration-karma/test/template/escape-attr-name/index.spec.js

@@ -0,0 +1,66 @@
+import { createElement } from 'lwc';
+import { catchUnhandledRejectionsAndErrors } from 'test-utils';
+import BooleanValue from 'x/booleanValue';
+import StringValue from 'x/stringValue';
+
+// Browsers treat attribute names containing the ` (backtick) character differently
+// depending on whether the HTML is parsed or you call `setAttribute` directly.
+//
+// Succeeds:
+//
+//     elm.innerHTML = '<div a`b`c></div>'
+//
+// Fails with: Uncaught InvalidCharacterError: Failed to execute 'setAttribute' on 'Element': 'a`b`c' is not a valid attribute name.
+//
+//     elm.setAttribute(theName, 'a`b`c')
+//
+// Since the static content optimization only uses the first pattern and non-optimized only uses the second,
+// one case will work whereas the other will throw an error.
+//
+// Since using backticks in attribute names is fairly useless, we do not attempt to smooth out this difference.
+
+let caughtError;
+
+catchUnhandledRejectionsAndErrors((error) => {
+    caughtError = error;
+});
+
+afterEach(() => {
+    caughtError = undefined;
+});
+
+const scenarios = [
+    {
+        name: 'boolean-true-value',
+        expectedValue: '',
+        Ctor: BooleanValue,
+        tagName: 'x-boolean-value',
+    },
+    {
+        name: 'string-value',
+        expectedValue: 'yolo',
+        Ctor: StringValue,
+        tagName: 'x-string-value',
+    },
+];
+
+scenarios.forEach(({ name, expectedValue, Ctor, tagName }) => {
+    describe(name, () => {
+        it('should render attr names with proper escaping', async () => {
+            const elm = createElement(tagName, { is: Ctor });
+            document.body.appendChild(elm);
+
+            await Promise.resolve();
+            if (process.env.DISABLE_STATIC_CONTENT_OPTIMIZATION) {
+                expect(elm.shadowRoot.children.length).toBe(0); // does not render
+                expect(caughtError).not.toBeUndefined();
+                expect(caughtError.message).toMatch(
+                    /Failed to execute 'setAttribute' on 'Element'|Invalid qualified name|String contains an invalid character|The string contains invalid characters/
+                );
+            } else {
+                expect(elm.shadowRoot.children[0].getAttribute('a`b`c')).toBe(expectedValue);
+                expect(caughtError).toBeUndefined();
+            }
+        });
+    });
+});

packages/@lwc/integration-karma/test/template/escape-attr-name/x/booleanValue/booleanValue.html

@@ -0,0 +1,3 @@
+<template>
+    <div a`b`c></div>
+</template>

packages/@lwc/integration-karma/test/template/escape-attr-name/x/booleanValue/booleanValue.js

@@ -0,0 +1,3 @@
+import { LightningElement } from 'lwc';
+
+export default class extends LightningElement {}

packages/@lwc/integration-karma/test/template/escape-attr-name/x/stringValue/stringValue.html

@@ -0,0 +1,3 @@
+<template>
+    <div a`b`c="yolo"></div>
+</template>

packages/@lwc/integration-karma/test/template/escape-attr-name/x/stringValue/stringValue.js

@@ -0,0 +1,3 @@
+import { LightningElement } from 'lwc';
+
+export default class extends LightningElement {}

packages/@lwc/template-compiler/src/__tests__/fixtures/static-content/attr-name-escape/non-optimized/actual.html

@@ -0,0 +1,4 @@
+<template>
+    <div a`b`c></div>
+    <div a`b`c="yolo"></div>
+</template>

packages/@lwc/template-compiler/src/__tests__/fixtures/static-content/attr-name-escape/non-optimized/ast.json

@@ -0,0 +1,134 @@
+{
+    "root": {
+        "type": "Root",
+        "location": {
+            "startLine": 1,
+            "startColumn": 1,
+            "endLine": 4,
+            "endColumn": 12,
+            "start": 0,
+            "end": 73,
+            "startTag": {
+                "startLine": 1,
+                "startColumn": 1,
+                "endLine": 1,
+                "endColumn": 11,
+                "start": 0,
+                "end": 10
+            },
+            "endTag": {
+                "startLine": 4,
+                "startColumn": 1,
+                "endLine": 4,
+                "endColumn": 12,
+                "start": 62,
+                "end": 73
+            }
+        },
+        "directives": [],
+        "children": [
+            {
+                "type": "Element",
+                "name": "div",
+                "namespace": "http://www.w3.org/1999/xhtml",
+                "location": {
+                    "startLine": 2,
+                    "startColumn": 5,
+                    "endLine": 2,
+                    "endColumn": 22,
+                    "start": 15,
+                    "end": 32,
+                    "startTag": {
+                        "startLine": 2,
+                        "startColumn": 5,
+                        "endLine": 2,
+                        "endColumn": 16,
+                        "start": 15,
+                        "end": 26
+                    },
+                    "endTag": {
+                        "startLine": 2,
+                        "startColumn": 16,
+                        "endLine": 2,
+                        "endColumn": 22,
+                        "start": 26,
+                        "end": 32
+                    }
+                },
+                "attributes": [
+                    {
+                        "type": "Attribute",
+                        "name": "a`b`c",
+                        "value": {
+                            "type": "Literal",
+                            "value": true
+                        },
+                        "location": {
+                            "startLine": 2,
+                            "startColumn": 10,
+                            "endLine": 2,
+                            "endColumn": 15,
+                            "start": 20,
+                            "end": 25
+                        }
+                    }
+                ],
+                "properties": [],
+                "directives": [],
+                "listeners": [],
+                "children": []
+            },
+            {
+                "type": "Element",
+                "name": "div",
+                "namespace": "http://www.w3.org/1999/xhtml",
+                "location": {
+                    "startLine": 3,
+                    "startColumn": 5,
+                    "endLine": 3,
+                    "endColumn": 29,
+                    "start": 37,
+                    "end": 61,
+                    "startTag": {
+                        "startLine": 3,
+                        "startColumn": 5,
+                        "endLine": 3,
+                        "endColumn": 23,
+                        "start": 37,
+                        "end": 55
+                    },
+                    "endTag": {
+                        "startLine": 3,
+                        "startColumn": 23,
+                        "endLine": 3,
+                        "endColumn": 29,
+                        "start": 55,
+                        "end": 61
+                    }
+                },
+                "attributes": [
+                    {
+                        "type": "Attribute",
+                        "name": "a`b`c",
+                        "value": {
+                            "type": "Literal",
+                            "value": "yolo"
+                        },
+                        "location": {
+                            "startLine": 3,
+                            "startColumn": 10,
+                            "endLine": 3,
+                            "endColumn": 22,
+                            "start": 42,
+                            "end": 54
+                        }
+                    }
+                ],
+                "properties": [],
+                "directives": [],
+                "listeners": [],
+                "children": []
+            }
+        ]
+    }
+}

packages/@lwc/template-compiler/src/__tests__/fixtures/static-content/attr-name-escape/non-optimized/config.json

@@ -0,0 +1,3 @@
+{
+  "enableStaticContentOptimization": false
+}

packages/@lwc/template-compiler/src/__tests__/fixtures/static-content/attr-name-escape/non-optimized/expected.js

@@ -0,0 +1,31 @@
+import _implicitStylesheets from "./non-optimized.css";
+import _implicitScopedStylesheets from "./non-optimized.scoped.css?scoped=true";
+import { freezeTemplate, registerTemplate } from "lwc";
+const stc0 = {
+  attrs: {
+    "a`b`c": "",
+  },
+  key: 0,
+};
+const stc1 = {
+  attrs: {
+    "a`b`c": "yolo",
+  },
+  key: 1,
+};
+function tmpl($api, $cmp, $slotset, $ctx) {
+  const { h: api_element } = $api;
+  return [api_element("div", stc0), api_element("div", stc1)];
+  /*LWC compiler vX.X.X*/
+}
+export default registerTemplate(tmpl);
+tmpl.stylesheets = [];
+tmpl.stylesheetToken = "lwc-71tdq7g4m0k";
+tmpl.legacyStylesheetToken = "x-non-optimized_non-optimized";
+if (_implicitStylesheets) {
+  tmpl.stylesheets.push.apply(tmpl.stylesheets, _implicitStylesheets);
+}
+if (_implicitScopedStylesheets) {
+  tmpl.stylesheets.push.apply(tmpl.stylesheets, _implicitScopedStylesheets);
+}
+freezeTemplate(tmpl);

packages/@lwc/template-compiler/src/__tests__/fixtures/static-content/attr-name-escape/non-optimized/metadata.json

@@ -0,0 +1,26 @@
+{
+    "warnings": [
+        {
+            "code": 1057,
+            "message": "LWC1057: a`b`c is not valid attribute for div. For more information refer to https://developer.mozilla.org/en-US/docs/Web/HTML/Element/div",
+            "level": 2,
+            "location": {
+                "line": 2,
+                "column": 10,
+                "start": 20,
+                "length": 5
+            }
+        },
+        {
+            "code": 1057,
+            "message": "LWC1057: a`b`c is not valid attribute for div. For more information refer to https://developer.mozilla.org/en-US/docs/Web/HTML/Element/div",
+            "level": 2,
+            "location": {
+                "line": 3,
+                "column": 10,
+                "start": 42,
+                "length": 12
+            }
+        }
+    ]
+}

packages/@lwc/template-compiler/src/__tests__/fixtures/static-content/attr-name-escape/optimized/actual.html

@@ -0,0 +1,4 @@
+<template>
+    <div a`b`c></div>
+    <div a`b`c="yolo"></div>
+</template>