in Helper.urls2links(), encode HTML entities, find and insert links, partially decoding only the href property of it

El RIDO
2020-02-29 09:37:54 +01:00
parent d2e9e47b67
commit 5340f417e0
4 changed files with 25 additions and 13 deletions


@@ -297,10 +297,25 @@ jQuery.PrivateBin = (function($, RawDeflate) {
*/
me.urls2links = function(html)
{
return html.replace(
/(((https?|ftp):\/\/[\w?!=&.\/-;#@~%+*-]+(?![\w\s?!&.\/;#~%"=-]*>))|((magnet):[\w?=&.\/-;#@~%+*-]+))/ig,
'<a href="$1" rel="nofollow">$1</a>'
);
let reverseEntityMap = {};
for (let entity of ['&', '"', '/', '=']) {
reverseEntityMap[entityMap[entity]] = entity;
}
const entityRegex = new RegExp(Object.keys(reverseEntityMap).join('|'), 'g');
// encode HTML entities, find and insert links, partially decoding only the href property of it
return me.htmlEntities(html)
.replace(
/(((https?|ftp):&#x2F;&#x2F;[\w?!&.-;#@~%+*-]+(?![\w\s?!&.;#~%-]*>))|((magnet):[\w?&.-;#@~%+*-]+))/ig,
function(encodedUrl) {
let decodedUrl = encodedUrl.replace(
entityRegex, function(entity) {
return reverseEntityMap[entity];
}
);
return '<a href="' + decodedUrl + '" rel="nofollow">' + encodedUrl + '</a>';
}
)
};
/**
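Review bot: The decode list `['&', '"', '/', '=']` in the new `urls2links` includes the double quote, so an encoded quote inside a matched URL is put back as a literal `"` within `href="…"` and ends the attribute early. The URL character class accepts `&`, word characters and `;`, so it appears to match the encoded quote; this assumes `entityMap`, which is not visible here, maps `"` to a character reference. Whatever follows that quote then sits in the tag as attribute markup, which undoes the escaping done by `me.htmlEntities(html)` at the start of the return expression. Leave the quote encoded in the href with `for (let entity of ['&', '/', '=']) {`; browsers resolve character references in attribute values, so the link target stays the same. For the same reason the decode step may not be needed at all, and `encodedUrl` could serve as both the href and the link text.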


@@ -81,7 +81,7 @@ describe('Helper', function () {
'ignores non-URL content',
'string',
function (content) {
return content === $.PrivateBin.Helper.urls2links(content);
return $.PrivateBin.Helper.htmlEntities(content) === $.PrivateBin.Helper.urls2links(content);
}
);
jsc.property(
@@ -95,8 +95,7 @@ describe('Helper', function () {
function (prefix, schema, address, query, fragment, postfix) {
query = query.join('');
fragment = fragment.join('');
prefix = $.PrivateBin.Helper.htmlEntities(prefix);
postfix = ' ' + $.PrivateBin.Helper.htmlEntities(postfix);
postfix = ' ' + postfix;
let url = schema + '://' + address.join('') + '/?' + query + '#' + fragment;
// special cases: When the query string and fragment imply the beginning of an HTML entity, eg. &#0 or &#x
@@ -109,7 +108,7 @@ describe('Helper', function () {
postfix = '';
}
return prefix + '<a href="' + url + '" rel="nofollow">' + url + '</a>' + postfix === $.PrivateBin.Helper.urls2links(prefix + url + postfix);
return $.PrivateBin.Helper.htmlEntities(prefix) + '<a href="' + url + '" rel="nofollow">' + $.PrivateBin.Helper.htmlEntities(url) + '</a>' + $.PrivateBin.Helper.htmlEntities(postfix) === $.PrivateBin.Helper.urls2links(prefix + url + postfix);
}
);
jsc.property(
@@ -118,10 +117,8 @@ describe('Helper', function () {
jsc.array(common.jscQueryString()),
'string',
function (prefix, query, postfix) {
prefix = $.PrivateBin.Helper.htmlEntities(prefix);
postfix = $.PrivateBin.Helper.htmlEntities(postfix);
let url = 'magnet:?' + query.join('').replace(/^&+|&+$/gm,'');
return prefix + '<a href="' + url + '" rel="nofollow">' + url + '</a> ' + postfix === $.PrivateBin.Helper.urls2links(prefix + url + ' ' + postfix);
return $.PrivateBin.Helper.htmlEntities(prefix) + '<a href="' + url + '" rel="nofollow">' + $.PrivateBin.Helper.htmlEntities(url) + '</a> ' + $.PrivateBin.Helper.htmlEntities(postfix) === $.PrivateBin.Helper.urls2links(prefix + url + ' ' + postfix);
}
);
});
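Review bot: The updated expectations that build `'<a href="' + url + '" rel="nofollow">'` use the raw `url` for the href, so both link properties only hold while the generators never put `"`, `<`, `>` or `'` into the URL part. The generators come from `common` and are not visible here, so that limit is inferred. Nothing in this section checks a quote or angle bracket inside a matched URL, which is the case the escaping change is meant to handle. I would add one example-based case beside the properties, with the comment `// a quote inside a URL must stay encoded within the href attribute`. It should assert that the output for a constructed input such as `http://example.test/?a="b` contains no bare `"b` inside the anchor tag.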