From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 16429138334 for ; Thu, 19 Dec 2019 21:02:51 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7C12CE0953; Thu, 19 Dec 2019 21:02:49 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 5F0C4E0953 for ; Thu, 19 Dec 2019 21:02:49 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 7158C34DA3C for ; Thu, 19 Dec 2019 21:02:48 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id C4793991 for ; Thu, 19 Dec 2019 21:02:44 +0000 (UTC) From: "Göktürk Yüksek" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Göktürk Yüksek" Message-ID: <1576789091.690ef9d882b7cb66e7cc93409cf91175f4cc45e1.gokturk@gentoo> Subject: [gentoo-commits] proj/devmanual:master commit in: / X-VCS-Repository: proj/devmanual X-VCS-Files: search.js X-VCS-Directories: / X-VCS-Committer: gokturk X-VCS-Committer-Name: Göktürk Yüksek X-VCS-Revision: 690ef9d882b7cb66e7cc93409cf91175f4cc45e1 X-VCS-Branch: master Date: Thu, 19 Dec 2019 21:02:44 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: c39ee58c-26b7-42e4-8a25-636a4b90f904 X-Archives-Hash: 2febaf22dab8591c8617fcef4069abbd commit: 690ef9d882b7cb66e7cc93409cf91175f4cc45e1 Author: Göktürk Yüksek gentoo org> AuthorDate: Wed Dec 11 01:23:07 2019 +0000 Commit: Göktürk Yüksek gentoo org> CommitDate: Thu Dec 19 20:58:11 2019 +0000 URL: https://gitweb.gentoo.org/proj/devmanual.git/commit/?id=690ef9d8 search.js: escape HTML/XML tags returned in search results build_search_documents.py unescapes the escaped tags when creating an index. This is desired as lunr doesn't index them otherwise. For example it indexes '' properly but not '<warning>'. When we display them on the browser though, we need to escape them again so that they are not interpreted as real tags. Signed-off-by: Göktürk Yüksek gentoo.org> search.js | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/search.js b/search.js index 9cbf05a..aae7bcf 100644 --- a/search.js +++ b/search.js @@ -33,6 +33,21 @@ function getContents(docs, uid) { return contents; } +function escapeHTML(str) { + return str.replace(/[&<"']/g, function(m) { + switch (m) { + case '&': + return '&'; + case '<': + return '<'; + case '"': + return '"'; + default: + return '''; + } + }); +}; + function search() { var term = document.getElementById("searchInput").value; if (term !== "") { @@ -57,14 +72,14 @@ function search() { }); for (var i = 0; i < positions.length; i++) { - text += contents.text.substring(pos, positions[i][0]); + text += escapeHTML(contents.text.substring(pos, positions[i][0])); pos = positions[i][0]; text += ""; - text += contents.text.substring(pos, pos + positions[i][1]); + text += escapeHTML(contents.text.substring(pos, pos + positions[i][1])); pos += positions[i][1]; text += ""; } - text += contents.text.substring(pos); + text += escapeHTML(contents.text.substring(pos)); $("#searchResults .modal-body").append(``);