From da3f867c9babceef28e5d299302d7b13ceb0abfe Mon Sep 17 00:00:00 2001 From: Johannes Doberer Date: Fri, 21 Jan 2022 11:34:24 +0100 Subject: [PATCH] Escaping helpers improvment and config fix of e2e app (#2483) --- .../src/utilities/helpers/escaping-helpers.js | 14 ++++---- .../helpers/escaping-helpers.spec.js | 33 +++++++++---------- .../luigi-config/extended/projectDetailNav.js | 8 ++++- 3 files changed, 30 insertions(+), 25 deletions(-) diff --git a/core/src/utilities/helpers/escaping-helpers.js b/core/src/utilities/helpers/escaping-helpers.js index 7b56fb2931..fd84bc3351 100644 --- a/core/src/utilities/helpers/escaping-helpers.js +++ b/core/src/utilities/helpers/escaping-helpers.js @@ -1,6 +1,6 @@ // Helper methods that deal with character escaping. class EscapingHelpersClass { - sanitizeHtml(text) { + sanitizeHtml(text = '') { return text .replace(/&/g, '&') .replace(/') .replace(/<br \/>/g, '
') @@ -18,7 +18,7 @@ class EscapingHelpersClass { .replace(/<br >/g, '
'); } - restoreSanitizedElements(text) { + restoreSanitizedElements(text = '') { let result = text; const elements = ['i', 'b', 'br', 'mark', 'strong', 'em', 'small', 'del', 'ins', 'sub', 'sup']; @@ -47,11 +47,11 @@ class EscapingHelpersClass { return result; } - sanatizeHtmlExceptTextFormatting(text) { + sanatizeHtmlExceptTextFormatting(text = '') { return this.restoreSanitizedElements(this.sanitizeHtml(text)); } - sanitizeParam(param) { + sanitizeParam(param = '') { return String(param) .replace(//g, '>') @@ -60,11 +60,11 @@ class EscapingHelpersClass { .replace(/\//g, '/'); } - escapeKeyForRegexp(str) { + escapeKeyForRegexp(str = '') { return str.replace(/[\-\[\]\/\{\}\(\)\*\+\?\.\\\^\$\|]/g, '\\$&'); } - processTextAndLinks(text, links, uniqueID) { + processTextAndLinks(text = '', links, uniqueID) { let sanitizedText = this.restoreSanitizedBrs(this.sanitizeHtml(text)); let initialValue = { sanitizedText, links: [] }; diff --git a/core/test/utilities/helpers/escaping-helpers.spec.js b/core/test/utilities/helpers/escaping-helpers.spec.js index f12b71cec9..b47be56c3a 100644 --- a/core/test/utilities/helpers/escaping-helpers.spec.js +++ b/core/test/utilities/helpers/escaping-helpers.spec.js @@ -14,37 +14,48 @@ describe('Escaping-helpers', () => { sanitizedHtml2, 'This is text <img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie); onclick=alert(document.cookie)><br><IMG SRC=j&#X41vascript:alert('test2')><br>' ); + const sanitizedHtml3 = EscapingHelpers.sanitizeHtml(); + assert.equal(sanitizedHtml3, ''); }); it('restoreSanitizedBrs', () => { const text = '<br> <br > <br /> <br/>'; const restoredHtml = EscapingHelpers.restoreSanitizedBrs(text); assert.equal(restoredHtml, '



'); + const restoredHtml2 = EscapingHelpers.restoreSanitizedBrs(); + assert.equal(restoredHtml2, ''); }); it('restoreSanitizedElements', () => { - const text = - '<br> <b > <del /> <i/> <strong>'; + const text = '<br> <b > <del /> <i/> <strong>'; const restoredHtml = EscapingHelpers.restoreSanitizedElements(text); assert.equal(restoredHtml, '
'); + const restoredHtml2 = EscapingHelpers.restoreSanitizedElements(); + assert.equal(restoredHtml2, ''); }); it('sanatizeHtmlExceptTextFormatting', () => { const text = '