Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
R
Rocket.Chat
Manage
Activity
Members
Code
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Deploy
Releases
Package registry
Model registry
Operate
Terraform modules
Analyze
Contributor analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
RocketChat
Rocket.Chat
Commits
96d31552
Unverified
Commit
96d31552
authored
4 years ago
by
Martin Schoeler
Committed by
GitHub
4 years ago
Browse files
Options
Downloads
Patches
Plain Diff
[FIX] Issue with special message rendering (#19817)
parent
016289c5
No related branches found
No related tags found
No related merge requests found
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
app/message-attachments/client/renderField.js
+3
-1
3 additions, 1 deletion
app/message-attachments/client/renderField.js
lib/escapeHTML.spec.ts
+19
-0
19 additions, 0 deletions
lib/escapeHTML.spec.ts
lib/escapeHTML.ts
+27
-0
27 additions, 0 deletions
lib/escapeHTML.ts
with
49 additions
and
1 deletion
app/message-attachments/client/renderField.js
+
3
−
1
View file @
96d31552
import
{
Template
}
from
'
meteor/templating
'
;
import
{
Blaze
}
from
'
meteor/blaze
'
;
import
{
escapeHTML
}
from
'
../../../lib/escapeHTML
'
;
const
renderers
=
{};
/**
...
...
@@ -49,7 +51,7 @@ Template.renderField.helpers({
html
=
Blaze
.
toHTMLWithData
(
Template
[
renderers
[
field
.
type
]],
{
field
,
message
});
}
else
{
// consider the value already formatted as html
html
=
field
.
value
;
html
=
escapeHTML
(
field
.
value
)
;
}
return
`<div class="
${
field
.
type
}
">
${
html
}
</div>`
;
},
...
...
This diff is collapsed.
Click to expand it.
lib/escapeHTML.spec.ts
0 → 100644
+
19
−
0
View file @
96d31552
import
assert
from
'
assert
'
;
import
{
describe
,
it
}
from
'
mocha
'
;
import
{
escapeHTML
}
from
'
./escapeHTML
'
;
describe
(
'
escapeHTML
'
,
()
=>
{
it
(
'
works
'
,
()
=>
{
assert
.
strictEqual
(
escapeHTML
(
'
<div>Blah & "blah" &
\'
blah
\'
</div>
'
),
'
<div>Blah & "blah" & 'blah'</div>
'
);
assert
.
strictEqual
(
escapeHTML
(
'
<
'
),
'
&lt;
'
);
assert
.
strictEqual
(
escapeHTML
(
'
'
),
'
'
);
assert
.
strictEqual
(
escapeHTML
(
'
¢
'
),
'
¢
'
);
assert
.
strictEqual
(
escapeHTML
(
'
¢ £ ¥ € © ®
'
),
'
¢ £ ¥ € © ®
'
);
assert
.
strictEqual
(
escapeHTML
(
5
as
unknown
as
string
),
'
5
'
);
assert
.
strictEqual
(
escapeHTML
(
''
),
''
);
assert
.
strictEqual
(
escapeHTML
(
null
as
unknown
as
string
),
''
);
assert
.
strictEqual
(
escapeHTML
(
undefined
as
unknown
as
string
),
''
);
});
});
This diff is collapsed.
Click to expand it.
lib/escapeHTML.ts
0 → 100644
+
27
−
0
View file @
96d31552
const
characterToHtmlEntityCode
=
{
'
¢
'
:
'
cent
'
,
'
£
'
:
'
pound
'
,
'
¥
'
:
'
yen
'
,
'
€
'
:
'
euro
'
,
'
©
'
:
'
copy
'
,
'
®
'
:
'
reg
'
,
'
<
'
:
'
lt
'
,
'
>
'
:
'
gt
'
,
'
"
'
:
'
quot
'
,
'
&
'
:
'
amp
'
,
'
\'
'
:
'
#39
'
,
}
as const
;
const
regex
=
new
RegExp
(
`[
${
Object
.
keys
(
characterToHtmlEntityCode
).
join
(
''
)
}
]`
,
'
g
'
);
const
toString
=
(
object
:
unknown
):
string
=>
(
object
?
`
${
object
}
`
:
''
);
const
isEscapable
=
(
char
:
string
):
char
is
keyof
typeof
characterToHtmlEntityCode
=>
char
in
characterToHtmlEntityCode
;
const
escapeChar
=
(
char
:
string
):
string
=>
(
isEscapable
(
char
)
?
`&
${
characterToHtmlEntityCode
[
char
]
}
;`
:
''
);
export
const
escapeHTML
=
(
str
:
string
):
string
=>
toString
(
str
).
replace
(
regex
,
escapeChar
);
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
