ShuriZma
/
dolphin
mirror of https://github.com/dolphin-emu/dolphin.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updater: Escape HTML characters in commit descriptions

This commit is contained in:
Dentomologist 2021-05-24 09:44:21 -07:00
parent a12865570d
commit 99ed43280d
4 changed files with 34 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
Source/Core/Common/StringUtil.cpp
View File

@ -5,6 +5,7 @@
#include "Common/StringUtil.h" #include "Common/StringUtil.h"
#include <algorithm> #include <algorithm>
#include <array>
#include <codecvt> #include <codecvt>
#include <cstdarg> #include <cstdarg>
#include <cstddef> #include <cstddef>
@ -664,3 +665,21 @@ std::vector<std::string> CommandLineToUtf8Argv(const wchar_t* command_line)
return argv; return argv;
} }
#endif #endif
std::string GetEscapedHtml(std::string html)
{
static constexpr std::array<std::array<const char*, 2>, 5> replacements{{
// Escape ampersand first to avoid escaping the ampersands in other replacements
{{"&", "&amp;"}},
{{"<", "&lt;"}},
{{">", "&gt;"}},
{{"\"", "&quot;"}},
{{"'", "&apos;"}},
}};
for (const auto& [unescaped, escaped] : replacements)
{
html = ReplaceAll(html, unescaped, escaped);
}
return html;
}

2
Source/Core/Common/StringUtil.h
View File

@ -242,3 +242,5 @@ inline bool IsPrintableCharacter(char c)
#ifdef _WIN32 #ifdef _WIN32
std::vector<std::string> CommandLineToUtf8Argv(const wchar_t* command_line); std::vector<std::string> CommandLineToUtf8Argv(const wchar_t* command_line);
#endif #endif
std::string GetEscapedHtml(std::string html);

6
Source/Core/UICommon/AutoUpdate.cpp
View File

@ -109,10 +109,10 @@ std::string GenerateChangelog(const picojson::array& versions)
{ {
changelog += ver_obj["shortrev"].get<std::string>(); changelog += ver_obj["shortrev"].get<std::string>();
} }
const std::string escaped_description =
GetEscapedHtml(ver_obj["short_descr"].get<std::string>());
changelog += " by <a href = \"" + ver_obj["author_url"].get<std::string>() + "\">" + changelog += " by <a href = \"" + ver_obj["author_url"].get<std::string>() + "\">" +
ver_obj["author"].get<std::string>() + "</a> &mdash; " + ver_obj["author"].get<std::string>() + "</a> &mdash; " + escaped_description;
ver_obj["short_descr"].get<std::string>();
} }
else else
{ {

10
Source/UnitTests/Common/StringUtilTest.cpp
View File

@ -105,3 +105,13 @@ TEST(StringUtil, ToString_TryParse_Roundtrip)
DoRoundTripTest<float>({0.0f, 1.0f, -1.0f, -0.5f, 0.5f, -1e-3f, 1e-3f, 1e3f, -1e3f}); DoRoundTripTest<float>({0.0f, 1.0f, -1.0f, -0.5f, 0.5f, -1e-3f, 1e-3f, 1e3f, -1e3f});
DoRoundTripTest<double>({0.0, 1.0, -1.0, -0.5, 0.5, -1e-3, 1e-3, 1e3, -1e3}); DoRoundTripTest<double>({0.0, 1.0, -1.0, -0.5, 0.5, -1e-3, 1e-3, 1e3, -1e3});
} }
TEST(StringUtil, GetEscapedHtml)
{
static constexpr auto no_escape_needed =
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
"!@#$%^*()-_=+,./?;:[]{}| \\\t\n";
EXPECT_EQ(GetEscapedHtml(no_escape_needed), no_escape_needed);
EXPECT_EQ(GetEscapedHtml("&<>'\""), "&amp;&lt;&gt;&apos;&quot;");
EXPECT_EQ(GetEscapedHtml("&&&"), "&amp;&amp;&amp;");
}