use custom HTML escaping function
This commit is contained in:
Thibault Duplessis
parent
f8f8a1c6b7
commit
5db91454f6
|
|
@ -1,15 +1,15 @@
|
|||
package lila.app
|
||||
package templating
|
||||
|
||||
import lila.user.{ User, UserContext }
|
||||
import play.twirl.api.Html
|
||||
|
||||
import lila.common.String.html.{ encode => escapeHtml }
|
||||
import lila.user.{ User, UserContext }
|
||||
|
||||
trait StringHelper { self: NumberHelper =>
|
||||
|
||||
def netDomain: String
|
||||
|
||||
val escapeHtml: String => String = org.apache.commons.lang3.StringEscapeUtils.escapeHtml4 _
|
||||
|
||||
val slugify = lila.common.String.slugify _
|
||||
|
||||
def shorten(text: String, length: Int, sep: String = "…") = Html {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
package lila.app
|
||||
package ui
|
||||
|
||||
import org.apache.commons.lang3.StringEscapeUtils.escapeHtml4
|
||||
import lila.common.String.html.{ encode => escapeHtml }
|
||||
import play.twirl.api.Html
|
||||
|
||||
case class OpenGraph(
|
||||
|
|
@ -19,7 +19,7 @@ case class OpenGraph(
|
|||
object og {
|
||||
|
||||
private def tag(name: String, value: String) =
|
||||
s"""<meta property="og:$name" content="${escapeHtml4(value)}"/>"""
|
||||
s"""<meta property="og:$name" content="${escapeHtml(value)}"/>"""
|
||||
|
||||
private val tupledTag = (tag _).tupled
|
||||
|
||||
|
|
@ -37,7 +37,7 @@ case class OpenGraph(
|
|||
object twitter {
|
||||
|
||||
private def tag(name: String, value: String) =
|
||||
s"""<meta name="twitter:$name" content="${escapeHtml4(value)}"/>"""
|
||||
s"""<meta name="twitter:$name" content="${escapeHtml(value)}"/>"""
|
||||
|
||||
private val tupledTag = (tag _).tupled
|
||||
|
||||
|
|
|
|||
|
|
@ -2,26 +2,26 @@ package lila.chat
|
|||
|
||||
import lila.common.LightUser
|
||||
import lila.common.PimpedJson._
|
||||
import org.apache.commons.lang3.StringEscapeUtils.escapeHtml4
|
||||
import lila.common.String.html.{ encode => escapeHtml }
|
||||
import play.api.libs.json._
|
||||
|
||||
object JsonView {
|
||||
|
||||
def apply(chat: AnyChat, mobileEscape: Boolean = false): JsValue = {
|
||||
if (mobileEscape) escapeHtml(chat)
|
||||
if (mobileEscape) escapeHtmlForMobile(chat)
|
||||
else chat
|
||||
} match {
|
||||
case c: MixedChat => mixedChatWriter writes c
|
||||
case c: UserChat => userChatWriter writes c
|
||||
}
|
||||
|
||||
private def escapeHtml(chat: AnyChat) = chat match {
|
||||
private def escapeHtmlForMobile(chat: AnyChat) = chat match {
|
||||
case c: MixedChat => c.mapLines {
|
||||
case l: UserLine => l.copy(text = escapeHtml4(l.text))
|
||||
case l: PlayerLine => l.copy(text = escapeHtml4(l.text))
|
||||
case l: UserLine => l.copy(text = escapeHtml(l.text))
|
||||
case l: PlayerLine => l.copy(text = escapeHtml(l.text))
|
||||
}
|
||||
case c: UserChat => c.mapLines { l =>
|
||||
l.copy(text = escapeHtml4(l.text))
|
||||
l.copy(text = escapeHtml(l.text))
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -51,6 +51,7 @@ object String {
|
|||
|
||||
object html {
|
||||
|
||||
// from https://github.com/android/platform_frameworks_base/blob/d59921149bb5948ffbcb9a9e832e9ac1538e05a0/core/java/android/text/TextUtils.java#L1361
|
||||
def encode(s: String): String = {
|
||||
val sb = new StringBuilder
|
||||
for (i <- 0 to s.length) sb.append {
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@ package lila.i18n
|
|||
|
||||
import play.api.i18n.Lang
|
||||
import play.api.mvc.RequestHeader
|
||||
import play.twirl.api.Html
|
||||
|
||||
private sealed trait Translation extends Any
|
||||
|
||||
|
|
|
|||
|
|
@ -3,11 +3,11 @@ package lila.round
|
|||
import scala.concurrent.duration._
|
||||
import scala.math
|
||||
|
||||
import org.apache.commons.lang3.StringEscapeUtils.escapeHtml4
|
||||
import play.api.libs.json._
|
||||
|
||||
import lila.common.ApiVersion
|
||||
import lila.common.PimpedJson._
|
||||
import lila.common.String.html.{ encode => escapeHtml }
|
||||
import lila.game.JsonView._
|
||||
import lila.game.{ Pov, Game, PerfPicker, Source, GameRepo, CorrespondenceClock }
|
||||
import lila.pref.Pref
|
||||
|
|
@ -156,7 +156,7 @@ final class JsonView(
|
|||
"spectator" -> true,
|
||||
"ai" -> player.aiLevel,
|
||||
"user" -> playerUser.map { userJsonView.minimal(_, game.perfType) },
|
||||
"name" -> player.name.map(escapeHtml4),
|
||||
"name" -> player.name.map(escapeHtml),
|
||||
"rating" -> player.rating,
|
||||
"ratingDiff" -> player.ratingDiff,
|
||||
"provisional" -> player.provisional.option(true),
|
||||
|
|
@ -170,7 +170,7 @@ final class JsonView(
|
|||
"color" -> opponent.color.name,
|
||||
"ai" -> opponent.aiLevel,
|
||||
"user" -> opponentUser.map { userJsonView.minimal(_, game.perfType) },
|
||||
"name" -> opponent.name.map(escapeHtml4),
|
||||
"name" -> opponent.name.map(escapeHtml),
|
||||
"rating" -> opponent.rating,
|
||||
"ratingDiff" -> opponent.ratingDiff,
|
||||
"provisional" -> opponent.provisional.option(true),
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ import actorApi.Member
|
|||
import chess.Color
|
||||
import lila.common.ApiVersion
|
||||
import lila.game.Event
|
||||
import org.apache.commons.lang3.StringEscapeUtils.escapeHtml4
|
||||
import lila.common.String.html.{ encode => escapeHtml }
|
||||
|
||||
case class VersionedEvent(
|
||||
version: Int,
|
||||
|
|
@ -34,7 +34,7 @@ case class VersionedEvent(
|
|||
else Json.obj("v" -> version)
|
||||
|
||||
private val mobileV1Escaper: Reads[JsObject] = (__ \ 't).json.update(
|
||||
__.read[JsString].map { s => JsString(escapeHtml4(s.value)) }
|
||||
__.read[JsString].map { s => JsString(escapeHtml(s.value)) }
|
||||
)
|
||||
|
||||
private def dataForApiVersion(typ: String, data: JsValue, apiVersion: ApiVersion): JsValue =
|
||||
|
|
|
|||
Loading…
Reference in a new issue