From 6c489a6d4072d5c1a81c248004ba0e66607a0393 Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Fri, 4 Oct 2019 13:23:32 +0200 Subject: Move to escape-html * If there is a package that does exactly the same then lets us use that * Import it properly in the internals (less deprecation warnings) Signed-off-by: Roeland Jago Douma --- core/src/OC/l10n.js | 1 + core/src/Util/escapeHTML.js | 36 ------------------------------------ core/src/globals.js | 2 +- core/src/jquery/octemplate.js | 2 +- 4 files changed, 3 insertions(+), 38 deletions(-) delete mode 100644 core/src/Util/escapeHTML.js (limited to 'core/src') diff --git a/core/src/OC/l10n.js b/core/src/OC/l10n.js index fd81d3282d7..ebb2c032b6a 100644 --- a/core/src/OC/l10n.js +++ b/core/src/OC/l10n.js @@ -12,6 +12,7 @@ import _ from 'underscore' import $ from 'jquery' import DOMPurify from 'dompurify' import Handlebars from 'handlebars' +import escapeHTML from 'escape-html' import OC from './index' import { diff --git a/core/src/Util/escapeHTML.js b/core/src/Util/escapeHTML.js deleted file mode 100644 index b6596d44d21..00000000000 --- a/core/src/Util/escapeHTML.js +++ /dev/null @@ -1,36 +0,0 @@ -/* - * @copyright 2019 Christoph Wurst - * - * @author 2019 Christoph Wurst - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -/** - * Sanitizes a HTML string by replacing all potential dangerous characters with HTML entities - * @param {string} s String to sanitize - * @returns {string} Sanitized string - */ -export default function escapeHTML(s) { - return s.toString() - .split('&') - .join('&') - .split('<') - .join('<').split('>') - .join('>').split('"') - .join('"').split('\'') - .join(''') -} diff --git a/core/src/globals.js b/core/src/globals.js index eb72a9fef30..771748de0d0 100644 --- a/core/src/globals.js +++ b/core/src/globals.js @@ -54,7 +54,7 @@ import 'strengthify/strengthify.css' import OC from './OC/index' import OCP from './OCP/index' import OCA from './OCA/index' -import escapeHTML from './Util/escapeHTML' +import escapeHTML from 'escape-html' import formatDate from './Util/format-date' import { getToken as getRequestToken } from './OC/requesttoken' import getURLParameter from './Util/get-url-parameter' diff --git a/core/src/jquery/octemplate.js b/core/src/jquery/octemplate.js index 24df6739225..a8502b7b796 100644 --- a/core/src/jquery/octemplate.js +++ b/core/src/jquery/octemplate.js @@ -1,5 +1,5 @@ import $ from 'jquery' -import escapeHTML from '../Util/escapeHTML' +import escapeHTML from 'escape-html' /** * jQuery plugin for micro templates -- cgit v1.2.3