Skip to content

Commit

Permalink
chore: escape html
Browse files Browse the repository at this point in the history
  • Loading branch information
@adamdehaven
adamdehaven committed Sep 25, 2024
1 parent a22dd9e commit 492abe9
Showing 1 changed file with 10 additions and 1 deletion.
11 changes: 10 additions & 1 deletion src/__template__/ComponentTemplate.vue
View file
Original file line number Diff line number Diff line change
Expand Up @@ -129,10 +129,19 @@ const prefixSvgIdsInString = (svgString: string): string => {
return processedSvgString
}
const escapeHtml = (str: string): string => {
return str
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;')
.replace(/"/g, '&quot;')
.replace(/'/g, '&#039;')
.replace(/`/g, '&#039;')
}
// The `svgOriginalContent` template string will be replaced with the SVG innerHTML in the generate script.
// eslint-disable-next-line @stylistic/quotes
const svgOriginalContent = `{%%ICON_SVG_INNER_HTML%%}`
const svgTitleContent = props.title ? `<title data-testid="kui-icon-svg-title">${props.title}</title>` : ''
const svgTitleContent = props.title ? `<title data-testid="kui-icon-svg-title">${escapeHtml(props.title)}</title>` : ''
const svgProcessedContent = `${svgTitleContent}${!props.staticIds ? prefixSvgIdsInString(svgOriginalContent) : svgOriginalContent}`
</script>

Expand Down

0 comments on commit 492abe9

Please sign in to comment.