Skip to content

Commit

Permalink
fix: Encode unsafe characters as HTML entities
Browse files Browse the repository at this point in the history 
fixes #1697

Signed-off-by: Marcel Klehr <[email protected]>
  • Loading branch information
@marcelklehr
marcelklehr committed Aug 18, 2024
1 parent 8161425 commit c026d84
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions src/lib/serializers/Html.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,17 +7,21 @@ class HtmlSerializer implements Serializer {
return `<DL><p>\n${this._serializeFolder(folder, '')}</DL><p>\n`
}

_htmlentities_encode(string) {
return string.replace(/[\u00A0-\u9999<>&"]/g, char => '&#' + char.charCodeAt(0) + ';')
}

_serializeFolder(folder, indent) {
return folder.children
.map(child => {
if (child instanceof Bookmark) {
return (
`${indent}<DT><A HREF="${child.url}" TAGS="${''}" ID="${child.id}">${child.title}</A>\n`
`${indent}<DT><A HREF="${this._htmlentities_encode(child.url)}" TAGS="${''}" ID="${child.id}">${this._htmlentities_encode(child.title)}</A>\n`
)
} else if (child instanceof Folder) {
const nextIndent = indent + ' '
return (
`${indent}<DT><H3 ID="${child.id}">${child.title}</H3>\n` +
`${indent}<DT><H3 ID="${child.id}">${this._htmlentities_encode(child.title)}</H3>\n` +
`${indent}<DL><p>\n${this._serializeFolder(
child,
nextIndent
Expand Down

0 comments on commit c026d84

Please sign in to comment.