aboutsummaryrefslogtreecommitdiffstats
path: root/sonar-markdown
diff options
context:
space:
mode:
Diffstat (limited to 'sonar-markdown')
-rw-r--r--sonar-markdown/pom.xml4
-rw-r--r--sonar-markdown/src/main/java/org/sonar/markdown/HtmlBlockquoteChannel.java5
-rw-r--r--sonar-markdown/src/main/java/org/sonar/markdown/Markdown.java3
-rw-r--r--sonar-markdown/src/test/java/org/sonar/markdown/MarkdownTest.java6
4 files changed, 13 insertions, 5 deletions
diff --git a/sonar-markdown/pom.xml b/sonar-markdown/pom.xml
index 49f615bd35b..d28e9542fbd 100644
--- a/sonar-markdown/pom.xml
+++ b/sonar-markdown/pom.xml
@@ -19,6 +19,10 @@
<artifactId>sonar-channel</artifactId>
</dependency>
<dependency>
+ <groupId>commons-lang</groupId>
+ <artifactId>commons-lang</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
diff --git a/sonar-markdown/src/main/java/org/sonar/markdown/HtmlBlockquoteChannel.java b/sonar-markdown/src/main/java/org/sonar/markdown/HtmlBlockquoteChannel.java
index c236e15a19f..286e7e58c80 100644
--- a/sonar-markdown/src/main/java/org/sonar/markdown/HtmlBlockquoteChannel.java
+++ b/sonar-markdown/src/main/java/org/sonar/markdown/HtmlBlockquoteChannel.java
@@ -65,7 +65,7 @@ class HtmlBlockquoteChannel extends Channel<MarkdownOutput> {
private class QuotedLineElementChannel extends RegexChannel<MarkdownOutput> {
protected QuotedLineElementChannel() {
- super(">\\s[^\r\n]*+");
+ super("&gt;\\s[^\r\n]*+");
}
@Override
@@ -80,7 +80,8 @@ class HtmlBlockquoteChannel extends Channel<MarkdownOutput> {
private int searchIndexOfFirstCharacter(CharSequence token) {
for (int index = 0; index < token.length(); index++) {
- if (token.charAt(index) == '>') {
+ if (token.charAt(index) == '&') {
+ index += 4;
while (++ index < token.length()) {
if (token.charAt(index) != ' ') {
return index;
diff --git a/sonar-markdown/src/main/java/org/sonar/markdown/Markdown.java b/sonar-markdown/src/main/java/org/sonar/markdown/Markdown.java
index 5323a3966d5..3d932c62bc5 100644
--- a/sonar-markdown/src/main/java/org/sonar/markdown/Markdown.java
+++ b/sonar-markdown/src/main/java/org/sonar/markdown/Markdown.java
@@ -19,6 +19,7 @@
*/
package org.sonar.markdown;
+import org.apache.commons.lang.StringEscapeUtils;
import org.sonar.channel.ChannelDispatcher;
import org.sonar.channel.CodeReader;
@@ -53,6 +54,6 @@ public final class Markdown {
}
public static String convertToHtml(String input) {
- return new Markdown().convert(input);
+ return new Markdown().convert(StringEscapeUtils.escapeHtml(input));
}
}
diff --git a/sonar-markdown/src/test/java/org/sonar/markdown/MarkdownTest.java b/sonar-markdown/src/test/java/org/sonar/markdown/MarkdownTest.java
index 909fda8c539..462bee37175 100644
--- a/sonar-markdown/src/test/java/org/sonar/markdown/MarkdownTest.java
+++ b/sonar-markdown/src/test/java/org/sonar/markdown/MarkdownTest.java
@@ -67,8 +67,10 @@ public class MarkdownTest {
@Test
public void shouldDecorateBlockquote() {
- assertThat(Markdown.convertToHtml("> Yesterday it worked\n> Today it is not working\r\n> Software is like that\r"))
- .isEqualTo("<blockquote>Yesterday it worked<br/>\nToday it is not working<br/>\r\nSoftware is like that<br/>\r</blockquote>");
+ assertThat(Markdown.convertToHtml("> Yesterday <br/> it worked\n> Today it is not working\r\n> Software is like that\r"))
+ .isEqualTo("<blockquote>Yesterday &lt;br/&gt; it worked<br/>\nToday it is not working<br/>\r\nSoftware is like that<br/>\r</blockquote>");
+ assertThat(Markdown.convertToHtml("HTML elements should <em>not</em> be quoted!"))
+ .isEqualTo("HTML elements should &lt;em&gt;not&lt;/em&gt; be quoted!");
}
@Test
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-10 01:43:50 +0000