diff options
| author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2020-05-14 15:03:45 +0200 |
|---|---|---|
| committer | Christoph Wurst <christoph@winzerhof-wurst.at> | 2020-05-27 15:06:54 +0200 |
| commit | 74db91910c91bff4e256b80f230bdb823f2891df (patch) | |
| tree | 3c5d333783abf7050442003fd22d557fec337959 /core/src/OC | |
| parent | a0771a389af6a4f3ff25410e96b168614b023759 (diff) | |
| download | nextcloud-server-74db91910c91bff4e256b80f230bdb823f2891df.tar.gz nextcloud-server-74db91910c91bff4e256b80f230bdb823f2891df.zip | |
Make the translation sanitization optional
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'core/src/OC')
| -rw-r--r-- | core/src/OC/l10n.js | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/core/src/OC/l10n.js b/core/src/OC/l10n.js index 5ada257d858..6495f514c7d 100644 --- a/core/src/OC/l10n.js +++ b/core/src/OC/l10n.js @@ -12,6 +12,7 @@ import _ from 'underscore' import $ from 'jquery' import DOMPurify from 'dompurify' import Handlebars from 'handlebars' +import identity from 'lodash/fp/identity' import escapeHTML from 'escape-html' import OC from './index' @@ -84,15 +85,20 @@ const L10n = { * @param {number} [count] number to replace %n with * @param {array} [options] options array * @param {bool} [options.escape=true] enable/disable auto escape of placeholders (by default enabled) + * @param {bool} [options.sanitize=true] enable/disable sanitization (by default enabled) * @returns {string} */ translate: function(app, text, vars, count, options) { const defaultOptions = { escape: true, + sanitize: true, } const allOptions = options || {} _.defaults(allOptions, defaultOptions) + const optSanitize = allOptions.sanitize ? DOMPurify.sanitize : identity + const optEscape = allOptions.escape ? escapeHTML : identity + // TODO: cache this function to avoid inline recreation // of the same function over and over again in case // translate() is used in a loop @@ -101,13 +107,9 @@ const L10n = { function(a, b) { const r = vars[b] if (typeof r === 'string' || typeof r === 'number') { - if (allOptions.escape) { - return DOMPurify.sanitize(escapeHTML(r)) - } else { - return DOMPurify.sanitize(r) - } + return optSanitize(optEscape(r)) } else { - return DOMPurify.sanitize(a) + return optSanitize(a) } } ) @@ -120,9 +122,9 @@ const L10n = { } if (typeof vars === 'object' || count !== undefined) { - return DOMPurify.sanitize(_build(translation, vars, count)) + return optSanitize(_build(translation, vars, count)) } else { - return DOMPurify.sanitize(translation) + return optSanitize(translation) } }, |