-
Notifications
You must be signed in to change notification settings - Fork 548
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sanitize bookmarks at save time #1307
base: master
Are you sure you want to change the base?
Conversation
It may be better to just follow CSV specification when saving/loading bookmarks: This would maintain compatibility with libreoffice/excel/database engines and other external tools, that support CSV format. |
I think we should agree on a format (and consider backwards compatibility implications) before making changes. The current format was not well designed, so I would be open to replacing it with something else. |
PR set to Draft till there is a decision. No opinion from me. Tell me when decided and I can update the PR. |
I had a look at the current format, and despite being called
So it looks like conforming to CSV would require extensive changes. Also, the tags field is a variable-length array, which is not well-suited to CSV. URL encoding seems like a reasonable way to make a minimal change to the existing format while mostly preserving compatibility. To maximize readability for humans, we could perhaps reduce the list of encoded characters (which is quite large by default). I think only " !\"#$&'()*+/:<=>?@[\\]^`{|}" |
Mixing tags and bookmarks in a single file does not look like good decision... XML or JSON or even sqlite may fit better, but any of these would add extra build dependencies. |
Agreed, but it was a decision that was made a long time ago. I might be open to a format change in a major release though, provided that support for reading the old format remains.
JSON is included in QT Core, so I don't think that would require a new dependency. Of course, JSON is not as human-friendly, and definitely not spreadsheet-friendly. |
Makes sense. :) Just notice that for those using accented characters like |
True, and I suppose that too is unnecessary. Maybe a more minimal ad-hoc escaping mechanism would be appropriate. |
It may be enough to just replace invalid characters in tag/bookmark names (comma, semicolon) with underscore and update documentation to reflect this behavior. Qt may output "human-frienly" JSON with |
Yeah, blocking or replacing |
There may be several implementation for replacing :
Any thought/preference ? |
My thoughts:
The change will be visible immediately (not while typing, of course). |
1 & 2 looks redundant to me. Only 2 is needed as it covers the case of creation and renaming. 😉 |
2 is not enough. It does not cover creation. You may test it yourself. |
…qrx-sdr#1117" This reverts commit 8c62788.
b0512fd
to
8be3dc3
Compare
Well, after some thinking around this, I pushed a new version using some dedicated delegate. Pros are that it will be flexible and easy to maintain. We can easily change the behavior or increase number of forbidden characters. Now it just totally prevent user to enter Cons are that it is handled at GUI level so if someone introduce a new widget/way that changes bookmark/tag names, it has to adopt the new delegate. Please give your thoughts about this. |
This PR aims at sanitizing bookmarks description when saved (see #1117)
Among available strategies, I used percent-encoding strings because :
Only sensitive fields are encoded:
The 2nd commit is simply a code refactoring of the
Bookmarks::save()
function using range-based for loops instead of older iterator loops. Mainly aiming at increasing function understandability.Has been placed as last commit so easily can be dropped if judged inappropriate.