Poor man escaping of an URL used as query string

fix #607
This commit is contained in:
Yohan Boniface 2018-08-04 14:24:34 +02:00
parent 9539aa0efc
commit c143c2c7ab
2 changed files with 5 additions and 0 deletions

View file

@ -73,6 +73,7 @@ L.Util.toHTML = function (r) {
// links // links
r = r.replace(/(\[\[http)/g, '[[h_t_t_p'); // Escape for avoiding clash between [[http://xxx]] and http://xxx r = r.replace(/(\[\[http)/g, '[[h_t_t_p'); // Escape for avoiding clash between [[http://xxx]] and http://xxx
r = r.replace(/({{http)/g, '{{h_t_t_p'); r = r.replace(/({{http)/g, '{{h_t_t_p');
r = r.replace(/(=http)/g, '=h_t_t_p'); // http://xxx as query string, see https://github.com/umap-project/umap/issues/607
r = r.replace(/(https?:[^ \<)\n]*)/g, '<a target="_blank" href="$1">$1</a>'); r = r.replace(/(https?:[^ \<)\n]*)/g, '<a target="_blank" href="$1">$1</a>');
r = r.replace(/\[\[(h_t_t_ps?:[^\]|]*?)\]\]/g, '<a target="_blank" href="$1">$1</a>'); r = r.replace(/\[\[(h_t_t_ps?:[^\]|]*?)\]\]/g, '<a target="_blank" href="$1">$1</a>');
r = r.replace(/\[\[(h_t_t_ps?:[^|]*?)\|(.*?)\]\]/g, '<a target="_blank" href="$1">$2</a>'); r = r.replace(/\[\[(h_t_t_ps?:[^|]*?)\|(.*?)\]\]/g, '<a target="_blank" href="$1">$2</a>');

View file

@ -94,6 +94,10 @@ describe('L.Util', function () {
assert.equal(L.Util.toHTML('A simple iframe: {{{https://osm.org/?url=https%3A//anotherurl.com}}}'), 'A simple iframe: <iframe frameBorder="0" src="https://osm.org/?url=https%3A//anotherurl.com" width="100%" height="300px"></iframe>'); assert.equal(L.Util.toHTML('A simple iframe: {{{https://osm.org/?url=https%3A//anotherurl.com}}}'), 'A simple iframe: <iframe frameBorder="0" src="https://osm.org/?url=https%3A//anotherurl.com" width="100%" height="300px"></iframe>');
}); });
it('http link with http link as parameter as variable', function () {
assert.equal(L.Util.toHTML('A phrase with a [[http://iframeurl.com?to=http://another.com]].'), 'A phrase with a <a target="_blank" href="http://iframeurl.com?to=http://another.com">http://iframeurl.com?to=http://another.com</a>.');
});
}); });
describe('#escapeHTML', function () { describe('#escapeHTML', function () {