Merge pull request #3577 from CatoTH/Issue3563-Escaping-Ampersands

Escape Ampersands - fixes #3563
This commit is contained in:
Emanuel Schütze 2018-02-15 08:23:54 +01:00 committed by GitHub
commit 8042beda60
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 6 deletions

View File

@ -185,17 +185,17 @@ angular.module('OpenSlidesApp.motions.diff', ['OpenSlidesApp.motions.lineNumberi
}; };
this._serializeDom = function(node, stripLineNumbers) { this._serializeDom = function(node, stripLineNumbers) {
if (node.nodeType == TEXT_NODE) { if (node.nodeType === TEXT_NODE) {
return node.nodeValue.replace(/</g, "&lt;").replace(/>/g, "&gt;"); return node.nodeValue.replace(/</g, "&lt;").replace(/>/g, "&gt;");
} }
if (stripLineNumbers && ( if (stripLineNumbers && (
lineNumberingService._isOsLineNumberNode(node) || lineNumberingService._isOsLineBreakNode(node))) { lineNumberingService._isOsLineNumberNode(node) || lineNumberingService._isOsLineBreakNode(node))) {
return ''; return '';
} }
if (node.nodeName == 'OS-LINEBREAK') { if (node.nodeName === 'OS-LINEBREAK') {
return ''; return '';
} }
if (node.nodeName == 'BR') { if (node.nodeName === 'BR') {
var br = '<BR'; var br = '<BR';
for (i = 0; i < node.attributes.length; i++) { for (i = 0; i < node.attributes.length; i++) {
var attr = node.attributes[i]; var attr = node.attributes[i];
@ -206,13 +206,13 @@ angular.module('OpenSlidesApp.motions.diff', ['OpenSlidesApp.motions.lineNumberi
var html = this._serializeTag(node); var html = this._serializeTag(node);
for (var i = 0; i < node.childNodes.length; i++) { for (var i = 0; i < node.childNodes.length; i++) {
if (node.childNodes[i].nodeType == TEXT_NODE) { if (node.childNodes[i].nodeType === TEXT_NODE) {
html += node.childNodes[i].nodeValue.replace(/</g, "&lt;").replace(/>/g, "&gt;"); html += node.childNodes[i].nodeValue.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
} else if (!stripLineNumbers || (!lineNumberingService._isOsLineNumberNode(node.childNodes[i]) && !lineNumberingService._isOsLineBreakNode(node.childNodes[i]))) { } else if (!stripLineNumbers || (!lineNumberingService._isOsLineNumberNode(node.childNodes[i]) && !lineNumberingService._isOsLineBreakNode(node.childNodes[i]))) {
html += this._serializeDom(node.childNodes[i], stripLineNumbers); html += this._serializeDom(node.childNodes[i], stripLineNumbers);
} }
} }
if (node.nodeType != DOCUMENT_FRAGMENT_NODE) { if (node.nodeType !== DOCUMENT_FRAGMENT_NODE) {
html += '</' + node.nodeName + '>'; html += '</' + node.nodeName + '>';
} }

View File

@ -300,6 +300,13 @@ describe('linenumbering', function () {
expect(containsError).toBe(-1); expect(containsError).toBe(-1);
expect(containsCorrectVersion > 0).toBe(true); expect(containsCorrectVersion > 0).toBe(true);
}); });
it('keeps ampersands escaped', function() {
var pre = '<p>' + noMarkup(1) + 'foo &amp; bar</p>',
after = '<p>' + noMarkup(1) + 'foo &amp; bar ins</p>';
var merged = diffService.replaceLines(pre, after, 1, 2, true);
expect(merged).toBe('<P>foo &amp; bar ins</P>');
});
}); });
describe('detecting the type of change', function() { describe('detecting the type of change', function() {