Replace chr() functions with json.dumps for cleaner email escaping

devin-ai-integration[bot] · Alek99 · devin-ai-integration[bot] · commit 68afd5c9e677 · 2025-07-30T23:45:47.000Z
- Address GitHub comment requesting 'normal strings' instead of chr(39)/chr(92)
- Use json.dumps for proper email escaping in JavaScript strings
- Maintains XSS protection while improving code readability
- Eliminates f-string syntax conflicts that required chr() workaround

Co-Authored-By: Alek &lt;alek@pynecone.io&gt;
diff --git a/pcweb/pages/pricing/header.py b/pcweb/pages/pricing/header.py
@@ -1,3 +1,4 @@
+import json
 import re
 import urllib.parse
 from typing import Any, Literal
@@ -196,7 +197,7 @@ def submit(self, form_data: dict[str, Any]):
             yield QuoteFormState.send_demo_event(form_data)
 
             yield rx.call_script(
-                f"try {{ signals.identify('{email.replace(chr(39), chr(92) + chr(39))}'); }} catch(e) {{ console.warn('Signals identify failed:', e); }}"
+                f"try {{ signals.identify({json.dumps(email)}); }} catch(e) {{ console.warn('Signals identify failed:', e); }}"
             )
 
             if self.is_small_company():
diff --git a/pcweb/signup.py b/pcweb/signup.py
@@ -1,4 +1,5 @@
 import contextlib
+import json
 import os
 from datetime import datetime
 from typing import Any
@@ -101,6 +102,6 @@ def signup(
         self.add_contact_to_loops(email)
         self.signed_up = True
         return [
-            rx.call_script(f"try {{ signals.identify('{email.replace(chr(39), chr(92) + chr(39))}'); }} catch(e) {{ console.warn('Signals identify failed:', e); }}"),
+            rx.call_script(f"try {{ signals.identify({json.dumps(email)}); }} catch(e) {{ console.warn('Signals identify failed:', e); }}"),
             rx.toast.success("Thanks for signing up to the Newsletter!")
         ]
