blitzwing/bintzwing
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

in Helper.urls2links(), encode HTML entities, find and insert links, partially decoding only the href property of it

Browse source
This commit is contained in:
El RIDO 2020-02-29 09:37:54 +01:00
parent d2e9e47b67
commit 5340f417e0
No known key found for this signature in database
GPG key ID: 0F5C940A6BD81F92
4 changed files with 25 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
js/privatebin.js
View file

@ -297,10 +297,25 @@ jQuery.PrivateBin = (function($, RawDeflate) {
*/ */
me.urls2links = function(html) me.urls2links = function(html)
{ {
return html.replace( let reverseEntityMap = {};
/(((https?|ftp):\/\/[\w?!=&.\/-;#@~%+*-]+(?![\w\s?!&.\/;#~%"=-]*>))|((magnet):[\w?=&.\/-;#@~%+*-]+))/ig, for (let entity of ['&', '"', '/', '=']) {
'<a href="$1" rel="nofollow">$1</a>' reverseEntityMap[entityMap[entity]] = entity;
}
const entityRegex = new RegExp(Object.keys(reverseEntityMap).join('|'), 'g');
// encode HTML entities, find and insert links, partially decoding only the href property of it
return me.htmlEntities(html)
.replace(
/(((https?|ftp):&#x2F;&#x2F;[\w?!&.-;#@~%+*-]+(?![\w\s?!&.;#~%-]*>))|((magnet):[\w?&.-;#@~%+*-]+))/ig,
function(encodedUrl) {
let decodedUrl = encodedUrl.replace(
entityRegex, function(entity) {
return reverseEntityMap[entity];
}
); );
return '<a href="' + decodedUrl + '" rel="nofollow">' + encodedUrl + '</a>';
}
)
}; };
/** /**

11
js/test/Helper.js
View file

@ -81,7 +81,7 @@ describe('Helper', function () {
'ignores non-URL content', 'ignores non-URL content',
'string', 'string',
function (content) { function (content) {
return content === $.PrivateBin.Helper.urls2links(content); return $.PrivateBin.Helper.htmlEntities(content) === $.PrivateBin.Helper.urls2links(content);
} }
); );
jsc.property( jsc.property(
@ -95,8 +95,7 @@ describe('Helper', function () {
function (prefix, schema, address, query, fragment, postfix) { function (prefix, schema, address, query, fragment, postfix) {
query = query.join(''); query = query.join('');
fragment = fragment.join(''); fragment = fragment.join('');
prefix = $.PrivateBin.Helper.htmlEntities(prefix); postfix = ' ' + postfix;
postfix = ' ' + $.PrivateBin.Helper.htmlEntities(postfix);
let url = schema + '://' + address.join('') + '/?' + query + '#' + fragment; let url = schema + '://' + address.join('') + '/?' + query + '#' + fragment;
// special cases: When the query string and fragment imply the beginning of an HTML entity, eg. &#0 or &#x // special cases: When the query string and fragment imply the beginning of an HTML entity, eg. &#0 or &#x
@ -109,7 +108,7 @@ describe('Helper', function () {
postfix = ''; postfix = '';
} }
return prefix + '<a href="' + url + '" rel="nofollow">' + url + '</a>' + postfix === $.PrivateBin.Helper.urls2links(prefix + url + postfix); return $.PrivateBin.Helper.htmlEntities(prefix) + '<a href="' + url + '" rel="nofollow">' + $.PrivateBin.Helper.htmlEntities(url) + '</a>' + $.PrivateBin.Helper.htmlEntities(postfix) === $.PrivateBin.Helper.urls2links(prefix + url + postfix);
} }
); );
jsc.property( jsc.property(
@ -118,10 +117,8 @@ describe('Helper', function () {
jsc.array(common.jscQueryString()), jsc.array(common.jscQueryString()),
'string', 'string',
function (prefix, query, postfix) { function (prefix, query, postfix) {
prefix = $.PrivateBin.Helper.htmlEntities(prefix);
postfix = $.PrivateBin.Helper.htmlEntities(postfix);
let url = 'magnet:?' + query.join('').replace(/^&+|&+$/gm,''); let url = 'magnet:?' + query.join('').replace(/^&+|&+$/gm,'');
return prefix + '<a href="' + url + '" rel="nofollow">' + url + '</a> ' + postfix === $.PrivateBin.Helper.urls2links(prefix + url + ' ' + postfix); return $.PrivateBin.Helper.htmlEntities(prefix) + '<a href="' + url + '" rel="nofollow">' + $.PrivateBin.Helper.htmlEntities(url) + '</a> ' + $.PrivateBin.Helper.htmlEntities(postfix) === $.PrivateBin.Helper.urls2links(prefix + url + ' ' + postfix);
} }
); );
}); });

2
tpl/bootstrap.php
View file

@ -72,7 +72,7 @@ endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/purify-2.0.8.js" integrity="sha512-QwcEKGuEmKtMguCO9pqNtUtZqq9b/tJ8gNr5qhY8hykq3zKTlDOvpZAmf6Rs8yH35Bz1ZdctUjj2qEWxT5aXCg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/purify-2.0.8.js" integrity="sha512-QwcEKGuEmKtMguCO9pqNtUtZqq9b/tJ8gNr5qhY8hykq3zKTlDOvpZAmf6Rs8yH35Bz1ZdctUjj2qEWxT5aXCg==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-YrCefSac8MOPuEvP3IJTSt6svl0P34qwnFy6czhtOJ6yN6ykmmrFdXKWMmD/gyp+hBnFdQnkC7o3GtrjuZkZgA==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-TJnv+hN/muDppfHqKPn8WDN9DTIlzrizLc283g/1wfJ/gS8Lk9x5fBebAPApPoVPasryUgkh3xPJ0ptImT6jbQ==" crossorigin="anonymous"></script>
<link rel="apple-touch-icon" href="img/apple-touch-icon.png?<?php echo rawurlencode($VERSION); ?>" sizes="180x180" /> <link rel="apple-touch-icon" href="img/apple-touch-icon.png?<?php echo rawurlencode($VERSION); ?>" sizes="180x180" />
<link rel="icon" type="image/png" href="img/favicon-32x32.png?<?php echo rawurlencode($VERSION); ?>" sizes="32x32" /> <link rel="icon" type="image/png" href="img/favicon-32x32.png?<?php echo rawurlencode($VERSION); ?>" sizes="32x32" />
<link rel="icon" type="image/png" href="img/favicon-16x16.png?<?php echo rawurlencode($VERSION); ?>" sizes="16x16" /> <link rel="icon" type="image/png" href="img/favicon-16x16.png?<?php echo rawurlencode($VERSION); ?>" sizes="16x16" />

2
tpl/page.php
View file

@ -50,7 +50,7 @@ endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/purify-2.0.8.js" integrity="sha512-QwcEKGuEmKtMguCO9pqNtUtZqq9b/tJ8gNr5qhY8hykq3zKTlDOvpZAmf6Rs8yH35Bz1ZdctUjj2qEWxT5aXCg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/purify-2.0.8.js" integrity="sha512-QwcEKGuEmKtMguCO9pqNtUtZqq9b/tJ8gNr5qhY8hykq3zKTlDOvpZAmf6Rs8yH35Bz1ZdctUjj2qEWxT5aXCg==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-YrCefSac8MOPuEvP3IJTSt6svl0P34qwnFy6czhtOJ6yN6ykmmrFdXKWMmD/gyp+hBnFdQnkC7o3GtrjuZkZgA==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-TJnv+hN/muDppfHqKPn8WDN9DTIlzrizLc283g/1wfJ/gS8Lk9x5fBebAPApPoVPasryUgkh3xPJ0ptImT6jbQ==" crossorigin="anonymous"></script>
<link rel="apple-touch-icon" href="img/apple-touch-icon.png?<?php echo rawurlencode($VERSION); ?>" sizes="180x180" /> <link rel="apple-touch-icon" href="img/apple-touch-icon.png?<?php echo rawurlencode($VERSION); ?>" sizes="180x180" />
<link rel="icon" type="image/png" href="img/favicon-32x32.png?<?php echo rawurlencode($VERSION); ?>" sizes="32x32" /> <link rel="icon" type="image/png" href="img/favicon-32x32.png?<?php echo rawurlencode($VERSION); ?>" sizes="32x32" />
<link rel="icon" type="image/png" href="img/favicon-16x16.png?<?php echo rawurlencode($VERSION); ?>" sizes="16x16" /> <link rel="icon" type="image/png" href="img/favicon-16x16.png?<?php echo rawurlencode($VERSION); ?>" sizes="16x16" />