ISSUE #1498: Fix double quotes in heatmap route names

robiningelbrecht · robiningelbrecht · commit 717aec68a157 · 2025-12-07T19:54:35.000+01:00
diff --git a/config/reference.php b/config/reference.php
@@ -1095,6 +1095,17 @@
  *     doctrine?: DoctrineConfig,
  *     doctrine_migrations?: DoctrineMigrationsConfig,
  *     twig?: TwigConfig,
+ *     "when@dev"?: array{
+ *         imports?: ImportsConfig,
+ *         parameters?: ParametersConfig,
+ *         services?: ServicesConfig,
+ *         framework?: FrameworkConfig,
+ *         flysystem?: FlysystemConfig,
+ *         monolog?: MonologConfig,
+ *         doctrine?: DoctrineConfig,
+ *         doctrine_migrations?: DoctrineMigrationsConfig,
+ *         twig?: TwigConfig,
+ *     },
  *     "when@prod"?: array{
  *         imports?: ImportsConfig,
  *         parameters?: ParametersConfig,
@@ -1197,6 +1208,7 @@ public static function config(array $config): array
  *     deprecated?: array{package:string, version:string, message?:string},
  * }
  * @psalm-type RoutesConfig = array{
+ *     "when@dev"?: array<string, RouteConfig|ImportConfig|AliasConfig>,
  *     "when@prod"?: array<string, RouteConfig|ImportConfig|AliasConfig>,
  *     "when@test"?: array<string, RouteConfig|ImportConfig|AliasConfig>,
  *     ...<string, RouteConfig|ImportConfig|AliasConfig>
diff --git a/src/Domain/Activity/Activity.php b/src/Domain/Activity/Activity.php
@@ -410,7 +410,7 @@ public function getName(): string
 
     public function getSanitizedName(): string
     {
-        return Escape::htmlSpecialChars($this->getName());
+        return Escape::forJsonEncode($this->getName());
     }
 
     public function updateName(string $name): self
diff --git a/src/Domain/Activity/GpxSerializer.php b/src/Domain/Activity/GpxSerializer.php
@@ -54,10 +54,10 @@ public function serialize(ActivityId $activityId): ?string
         $metadataNode->addChild('time', $activity->getStartDate()->format(self::DATE_TIME_FORMAT));
 
         $trkNode = $rootNode->addChild('trk');
-        $trkNode->addChild('name', Escape::htmlSpecialChars($activity->getName()));
+        $trkNode->addChild('name', Escape::forJsonEncode($activity->getName()));
         $trkNode->addChild('type', $activity->getSportType()->value);
         if ($description = $activity->getDescription()) {
-            $trkNode->addChild('desc', Escape::htmlSpecialChars($description));
+            $trkNode->addChild('desc', Escape::forJsonEncode($description));
         }
         $trksegNode = $trkNode->addChild('trkseg');
 
diff --git a/src/Domain/Activity/Route/Route.php b/src/Domain/Activity/Route/Route.php
@@ -133,10 +133,10 @@ public function jsonSerialize(): array
             'id' => $this->getActivityId(),
             'startDate' => $startDate,
             'distance' => $distance,
-            'name' => Escape::htmlSpecialChars(str_replace(['"', '\''], '', $this->getName())), // Fix for ISSUE-1498
+            'name' => Escape::forJsonEncode($this->getName()),
             'location' => [
                 'countryCode' => $this->getLocation()->getCountryCode(),
-                'state' => $state ? str_replace(['"', '\''], '', $state) : null, // Fix for ISSUE-287
+                'state' => $state ? Escape::forJsonEncode($state) : null,
             ],
             'filterables' => [
                 'sportType' => $this->getSportType(),
diff --git a/src/Domain/Dashboard/Widget/TrainingLoad/TrainingLoadChart.php b/src/Domain/Dashboard/Widget/TrainingLoad/TrainingLoadChart.php
@@ -126,7 +126,7 @@ public function build(): array
             'yAxis' => [
                 [
                     'type' => 'value',
-                    'name' => Escape::htmlSpecialChars($this->translator->trans('Daily TRIMP')),
+                    'name' => Escape::forJsonEncode($this->translator->trans('Daily TRIMP')),
                     'nameLocation' => 'middle',
                     'nameGap' => 35,
                     'gridIndex' => 1,
@@ -137,7 +137,7 @@ public function build(): array
                 ],
                 [
                     'type' => 'value',
-                    'name' => Escape::htmlSpecialChars($this->translator->trans('Load (CTL/ATL)')),
+                    'name' => Escape::forJsonEncode($this->translator->trans('Load (CTL/ATL)')),
                     'nameLocation' => 'middle',
                     'nameGap' => 35,
                     'gridIndex' => 0,
@@ -150,7 +150,7 @@ public function build(): array
                 ],
                 [
                     'type' => 'value',
-                    'name' => Escape::htmlSpecialChars($this->translator->trans('Form (TSB)')),
+                    'name' => Escape::forJsonEncode($this->translator->trans('Form (TSB)')),
                     'nameLocation' => 'middle',
                     'nameGap' => 35,
                     'gridIndex' => 0,
@@ -166,7 +166,7 @@ public function build(): array
             ],
             'series' => [
                 [
-                    'name' => Escape::htmlSpecialChars($this->translator->trans('CTL (Fitness)')),
+                    'name' => Escape::forJsonEncode($this->translator->trans('CTL (Fitness)')),
                     'type' => 'line',
                     'data' => $this->trainingMetrics->getCtlValuesForXLastDays(self::NUMBER_OF_DAYS_TO_DISPLAY),
                     'smooth' => true,
@@ -175,7 +175,7 @@ public function build(): array
                     'yAxisIndex' => 1,
                 ],
                 [
-                    'name' => Escape::htmlSpecialChars($this->translator->trans('ATL (Fatigue)')),
+                    'name' => Escape::forJsonEncode($this->translator->trans('ATL (Fatigue)')),
                     'type' => 'line',
                     'data' => $this->trainingMetrics->getAtlValuesForXLastDays(self::NUMBER_OF_DAYS_TO_DISPLAY),
                     'smooth' => true,
@@ -184,7 +184,7 @@ public function build(): array
                     'yAxisIndex' => 1,
                 ],
                 [
-                    'name' => Escape::htmlSpecialChars($this->translator->trans('TSB (Form)')),
+                    'name' => Escape::forJsonEncode($this->translator->trans('TSB (Form)')),
                     'type' => 'line',
                     'data' => $tsbValues,
                     'smooth' => true,
@@ -200,21 +200,21 @@ public function build(): array
                         'data' => [
                             [
                                 'yAxis' => 15,
-                                'label' => ['formatter' => Escape::htmlSpecialChars($this->translator->trans('Taper sweet-spot (+15)'))],
+                                'label' => ['formatter' => Escape::forJsonEncode($this->translator->trans('Taper sweet-spot (+15)'))],
                             ],
                             [
                                 'yAxis' => -10,
-                                'label' => ['formatter' => Escape::htmlSpecialChars($this->translator->trans('Build zone (–10)'))],
+                                'label' => ['formatter' => Escape::forJsonEncode($this->translator->trans('Build zone (–10)'))],
                             ],
                             [
                                 'yAxis' => -30,
-                                'label' => ['formatter' => Escape::htmlSpecialChars($this->translator->trans('Over-fatigued (–30)'))],
+                                'label' => ['formatter' => Escape::forJsonEncode($this->translator->trans('Over-fatigued (–30)'))],
                             ],
                         ],
                     ],
                 ],
                 [
-                    'name' => Escape::htmlSpecialChars($this->translator->trans('Daily TRIMP')),
+                    'name' => Escape::forJsonEncode($this->translator->trans('Daily TRIMP')),
                     'type' => 'bar',
                     'data' => $this->trainingMetrics->getTrimpValuesForXLastDays(self::NUMBER_OF_DAYS_TO_DISPLAY),
                     'itemStyle' => ['color' => '#FC4C02'],
diff --git a/src/Domain/Gear/DistanceOverTimePerGearChart.php b/src/Domain/Gear/DistanceOverTimePerGearChart.php
@@ -73,7 +73,7 @@ public function build(): array
         $selectedSeries = [];
         /** @var Gear $gear */
         foreach ($gears as $gear) {
-            $gearName = Escape::htmlSpecialChars($gear->getName());
+            $gearName = Escape::forJsonEncode($gear->getName());
             $selectedSeries[$gearName] = !$gear->isRetired();
 
             $series[] = [
diff --git a/src/Domain/Gear/DistancePerMonthPerGearChart.php b/src/Domain/Gear/DistancePerMonthPerGearChart.php
@@ -71,7 +71,7 @@ public function build(): array
         $unitSymbol = $this->unitSystem->distanceSymbol();
 
         foreach ($gears as $gear) {
-            $gearName = Escape::htmlSpecialChars($gear->getName());
+            $gearName = Escape::forJsonEncode($gear->getName());
             $distanceInLastThreeMonths = array_sum(array_slice($distancePerGearAndMonth[(string) $gear->getId()], -3, 3));
             $selectedSeries[$gearName] = $distanceInLastThreeMonths > 0;
 
diff --git a/src/Domain/Gear/MovingTimePerGearChart.php b/src/Domain/Gear/MovingTimePerGearChart.php
@@ -41,7 +41,7 @@ public function build(): array
             }
             $data[] = [
                 'value' => round($time / 3600),
-                'name' => Escape::htmlSpecialChars($gear->getName()),
+                'name' => Escape::forJsonEncode($gear->getName()),
                 'itemStyle' => [
                     'color' => Theme::getColorForGear($gear->getId()),
                 ],
diff --git a/src/Infrastructure/Serialization/Escape.php b/src/Infrastructure/Serialization/Escape.php
@@ -6,8 +6,10 @@
 
 final readonly class Escape
 {
-    public static function htmlSpecialChars(string $string): string
+    public static function forJsonEncode(string $string): string
     {
-        return htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
+        return $string
+                |> (fn (string $value): string => str_replace(['"', '\''], '', $value))
+                |> (fn (string $value): string => htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -410,7 +410,7 @@ public function getName(): string`
`410`	`410`
`411`	`411`	`public function getSanitizedName(): string`
`412`	`412`	`{`
`413`		`- return Escape::htmlSpecialChars($this->getName());`
	`413`	`+ return Escape::forJsonEncode($this->getName());`
`414`	`414`	`}`
`415`	`415`
`416`	`416`	`public function updateName(string $name): self`
Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,7 @@ public function build(): array`
`41`	`41`	`}`
`42`	`42`	`$data[] = [`
`43`	`43`	`'value' => round($time / 3600),`
`44`		`- 'name' => Escape::htmlSpecialChars($gear->getName()),`
	`44`	`+ 'name' => Escape::forJsonEncode($gear->getName()),`
`45`	`45`	`'itemStyle' => [`
`46`	`46`	`'color' => Theme::getColorForGear($gear->getId()),`
`47`	`47`	`],`
Original file line number	Diff line number	Diff line change
`@@ -6,8 +6,10 @@`
`6`	`6`
`7`	`7`	`final readonly class Escape`
`8`	`8`	`{`
`9`		`- public static function htmlSpecialChars(string $string): string`
	`9`	`+ public static function forJsonEncode(string $string): string`
`10`	`10`	`{`
`11`		`- return htmlspecialchars($string, ENT_QUOTES \| ENT_SUBSTITUTE, 'UTF-8');`
	`11`	`+ return $string`
	`12`	`+ \|> (fn (string $value): string => str_replace(['"', '\''], '', $value))`
	`13`	`+ \|> (fn (string $value): string => htmlspecialchars($value, ENT_QUOTES \| ENT_SUBSTITUTE, 'UTF-8'));`
`12`	`14`	`}`
`13`	`15`	`}`