RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-31 21:52:45 +00:00
Code Issues Activity Actions

LibHTML+IRCClient: Add an escape_html_entities() helper

Browse source 
This simple helper escapes '<', '>' and '&' so they can be used in HTML
text without interfering with the parser.

Use this in IRCClient to prevent incoming messages from messing with
the DOM :^)
This commit is contained in:
Andreas Kling 2019-11-06 22:37:24 +01:00
parent d17930d9e2
commit a377e8d3f5
3 changed files with 19 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Applications/IRCClient/IRCLogBuffer.cpp
View file

@ -54,7 +54,7 @@ void IRCLogBuffer::add_message(char prefix, const String& name, const String& te
color.to_string().characters(),
timestamp_string().characters(),
nick_string.characters(),
text.characters());
escape_html_entities(text).characters());
auto fragment = parse_html_fragment(*m_document, html);
m_container_element->append_child(fragment->remove_child(*fragment->first_child()));
m_document->force_layout();
@ -69,7 +69,7 @@ void IRCLogBuffer::add_message(const String& text, Color color)
"</div>",
color.to_string().characters(),
timestamp_string().characters(),
text.characters());
escape_html_entities(text).characters());
auto fragment = parse_html_fragment(*m_document, html);
m_container_element->append_child(fragment->remove_child(*fragment->first_child()));
m_document->force_layout();

16
Libraries/LibHTML/Parser/HTMLParser.cpp
View file

@ -339,3 +339,19 @@ RefPtr<Document> parse_html_document(const StringView& html, const URL& url)
return document;
}
String escape_html_entities(const StringView& html)
{
StringBuilder builder;
for (int i = 0; i < html.length(); ++i) {
if (html[i] == '<')
builder.append("&lt;");
else if (html[i] == '>')
builder.append("&gt;");
else if (html[i] == '&')
builder.append("&amp;");
else
builder.append(html[i]);
}
return builder.to_string();
}

1
Libraries/LibHTML/Parser/HTMLParser.h
View file

@ -7,3 +7,4 @@ class DocumentFragment;
RefPtr<Document> parse_html_document(const StringView&, const URL& = URL());
RefPtr<DocumentFragment> parse_html_fragment(Document&, const StringView&);
String escape_html_entities(const StringView&);