From 6e36b59a59d15916d3581c7a9dbad490cab4dcfb Mon Sep 17 00:00:00 2001 From: Chad Weider Date: Sat, 14 Jan 2012 14:46:15 -0800 Subject: [PATCH 1/2] All escaping functions replace HTML reserved characters. --- node/utils/ExportHtml.js | 5 +++-- static/js/ace2_common.js | 9 ++++++++- static/js/domline.js | 2 +- static/js/pad_utils.js | 9 ++++++++- 4 files changed, 20 insertions(+), 5 deletions(-) diff --git a/node/utils/ExportHtml.js b/node/utils/ExportHtml.js index 46ed980a5..ef85d51f1 100644 --- a/node/utils/ExportHtml.js +++ b/node/utils/ExportHtml.js @@ -429,14 +429,15 @@ exports.getPadHTMLDocument = function (padId, revNum, noDocType, callback) function _escapeHTML(s) { - var re = /[&<>]/g; + var re = /[&"<>]/g; if (!re.MAP) { // persisted across function calls! re.MAP = { '&': '&', + '"': '"', '<': '<', - '>': '>', + '>': '>' }; } diff --git a/static/js/ace2_common.js b/static/js/ace2_common.js index 1246a16ec..1e5c415c7 100644 --- a/static/js/ace2_common.js +++ b/static/js/ace2_common.js @@ -142,7 +142,14 @@ function binarySearchInfinite(expectedLength, func) function htmlPrettyEscape(str) { - return str.replace(/&/g, '&').replace(//g, '>').replace(/\r?\n/g, '\\n'); + return str.replace(/[&"<>]/g, function (c) { + return { + '&': '&', + '"': '"', + '<': '<', + '>': '>' + }[c] || c; + }).replace(/\r?\n/g, '\\n'); } if (typeof exports !== "undefined") diff --git a/static/js/domline.js b/static/js/domline.js index 56f74a1cd..b0fbcc8c1 100644 --- a/static/js/domline.js +++ b/static/js/domline.js @@ -229,7 +229,7 @@ domline.escapeHTML = function(s) '&': '&', '<': '<', '>': '>', - '"': '"', + '"': '"', "'": ''' }; } diff --git a/static/js/pad_utils.js b/static/js/pad_utils.js index 76a167057..bd028485d 100644 --- a/static/js/pad_utils.js +++ b/static/js/pad_utils.js @@ -23,7 +23,14 @@ var padutils = { escapeHtml: function(x) { - return String(x).replace(/\/g, '>'); + return String(x).replace(/[&"<>]/g, function (c) { + return { + '&': '&', + '"': '"', + '<': '<', + '>': '>' + }[c] || c; + }); }, uniqueId: function() { From 387dd4a48bd07abf8d375b457be117fbbb6778d3 Mon Sep 17 00:00:00 2001 From: Chad Weider Date: Sat, 14 Jan 2012 14:50:23 -0800 Subject: [PATCH 2/2] The value of all href attributes is escaped. --- node/utils/ExportHtml.js | 2 +- static/js/domline.js | 2 +- static/js/domline_client.js | 2 +- static/js/pad_utils.js | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/node/utils/ExportHtml.js b/node/utils/ExportHtml.js index ef85d51f1..c699c4119 100644 --- a/node/utils/ExportHtml.js +++ b/node/utils/ExportHtml.js @@ -292,7 +292,7 @@ function getHTMLFromAtext(pad, atext) var url = urlData[1]; var urlLength = url.length; processNextChars(startIndex - idx); - assem.append(''); + assem.append(''); processNextChars(urlLength); assem.append(''); }); diff --git a/static/js/domline.js b/static/js/domline.js index b0fbcc8c1..3456419c4 100644 --- a/static/js/domline.js +++ b/static/js/domline.js @@ -162,7 +162,7 @@ domline.createDomLine = function(nonEmpty, doesWrap, optBrowser, optDocument) { href = "http://"+href; } - extraOpenTags = extraOpenTags + ''; + extraOpenTags = extraOpenTags + ''; extraCloseTags = '' + extraCloseTags; } if (simpleTags) diff --git a/static/js/domline_client.js b/static/js/domline_client.js index a152412c9..cac753b96 100644 --- a/static/js/domline_client.js +++ b/static/js/domline_client.js @@ -158,7 +158,7 @@ domline.createDomLine = function(nonEmpty, doesWrap, optBrowser, optDocument) { if (href) { - extraOpenTags = extraOpenTags + ''; + extraOpenTags = extraOpenTags + ''; extraCloseTags = '' + extraCloseTags; } if (simpleTags) diff --git a/static/js/pad_utils.js b/static/js/pad_utils.js index bd028485d..9083fa9b6 100644 --- a/static/js/pad_utils.js +++ b/static/js/pad_utils.js @@ -187,7 +187,7 @@ var padutils = { var startIndex = urls[j][0]; var href = urls[j][1]; advanceTo(startIndex); - pieces.push(''); + pieces.push(''); advanceTo(startIndex + href.length); pieces.push(''); }