Updater: Escape HTML characters in commit descriptions
This commit is contained in:
parent
a12865570d
commit
99ed43280d
|
@ -5,6 +5,7 @@
|
|||
#include "Common/StringUtil.h"
|
||||
|
||||
#include <algorithm>
|
||||
#include <array>
|
||||
#include <codecvt>
|
||||
#include <cstdarg>
|
||||
#include <cstddef>
|
||||
|
@ -664,3 +665,21 @@ std::vector<std::string> CommandLineToUtf8Argv(const wchar_t* command_line)
|
|||
return argv;
|
||||
}
|
||||
#endif
|
||||
|
||||
std::string GetEscapedHtml(std::string html)
|
||||
{
|
||||
static constexpr std::array<std::array<const char*, 2>, 5> replacements{{
|
||||
// Escape ampersand first to avoid escaping the ampersands in other replacements
|
||||
{{"&", "&"}},
|
||||
{{"<", "<"}},
|
||||
{{">", ">"}},
|
||||
{{"\"", """}},
|
||||
{{"'", "'"}},
|
||||
}};
|
||||
|
||||
for (const auto& [unescaped, escaped] : replacements)
|
||||
{
|
||||
html = ReplaceAll(html, unescaped, escaped);
|
||||
}
|
||||
return html;
|
||||
}
|
||||
|
|
|
@ -242,3 +242,5 @@ inline bool IsPrintableCharacter(char c)
|
|||
#ifdef _WIN32
|
||||
std::vector<std::string> CommandLineToUtf8Argv(const wchar_t* command_line);
|
||||
#endif
|
||||
|
||||
std::string GetEscapedHtml(std::string html);
|
||||
|
|
|
@ -109,10 +109,10 @@ std::string GenerateChangelog(const picojson::array& versions)
|
|||
{
|
||||
changelog += ver_obj["shortrev"].get<std::string>();
|
||||
}
|
||||
|
||||
const std::string escaped_description =
|
||||
GetEscapedHtml(ver_obj["short_descr"].get<std::string>());
|
||||
changelog += " by <a href = \"" + ver_obj["author_url"].get<std::string>() + "\">" +
|
||||
ver_obj["author"].get<std::string>() + "</a> — " +
|
||||
ver_obj["short_descr"].get<std::string>();
|
||||
ver_obj["author"].get<std::string>() + "</a> — " + escaped_description;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
|
@ -105,3 +105,13 @@ TEST(StringUtil, ToString_TryParse_Roundtrip)
|
|||
DoRoundTripTest<float>({0.0f, 1.0f, -1.0f, -0.5f, 0.5f, -1e-3f, 1e-3f, 1e3f, -1e3f});
|
||||
DoRoundTripTest<double>({0.0, 1.0, -1.0, -0.5, 0.5, -1e-3, 1e-3, 1e3, -1e3});
|
||||
}
|
||||
|
||||
TEST(StringUtil, GetEscapedHtml)
|
||||
{
|
||||
static constexpr auto no_escape_needed =
|
||||
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
|
||||
"!@#$%^*()-_=+,./?;:[]{}| \\\t\n";
|
||||
EXPECT_EQ(GetEscapedHtml(no_escape_needed), no_escape_needed);
|
||||
EXPECT_EQ(GetEscapedHtml("&<>'\""), "&<>'"");
|
||||
EXPECT_EQ(GetEscapedHtml("&&&"), "&&&");
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue