diff options
author | Wu Cheng-Han | 2016-10-26 01:30:17 +0800 |
---|---|---|
committer | Wu Cheng-Han | 2016-10-26 01:30:17 +0800 |
commit | dae141a9d3341d9f5dbd6e547ae4a5879772007f (patch) | |
tree | adb63f850e7495615866503813b971e683942de6 | |
parent | b6ce7a6ab168a753d2f0b2761576b5b6d31f6c7f (diff) |
Fix possible unclose HTML and leaked html tags when fail to parse diagrams
-rw-r--r-- | public/js/extra.js | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/public/js/extra.js b/public/js/extra.js index 65ea44a1..dba77f40 100644 --- a/public/js/extra.js +++ b/public/js/extra.js @@ -315,6 +315,7 @@ function finishView(view) { svg[0].setAttribute('viewBox', '0 0 ' + svg.attr('width') + ' ' + svg.attr('height')); svg[0].setAttribute('preserveAspectRatio', 'xMidYMid meet'); } catch (err) { + $value.unwrap(); console.warn(err); } }); @@ -337,6 +338,7 @@ function finishView(view) { $ele.addClass('flow-chart'); $value.children().unwrap().unwrap(); } catch (err) { + $value.unwrap(); console.warn(err); } }); @@ -354,6 +356,7 @@ function finishView(view) { $ele.addClass('graphviz'); $value.children().unwrap().unwrap(); } catch (err) { + $value.unwrap(); console.warn(err); } }); @@ -374,9 +377,11 @@ function finishView(view) { $ele.html($value.text()); mermaid.init(undefined, $ele); } else { + $value.unwrap(); console.warn(mermaidError); } } catch (err) { + $value.unwrap(); console.warn(err); } }); @@ -476,16 +481,17 @@ function finishView(view) { var code = ""; if (codeDiv.length > 0) code = codeDiv.html(); else code = langDiv.html(); - code = S(code).unescapeHTML().s; if (!reallang) { var result = { - value: S(code).escapeHTML().s + value: code }; } else if (reallang == "tiddlywiki" || reallang == "mediawiki") { + code = S(code).unescapeHTML().s; var result = { value: Prism.highlight(code, Prism.languages.wiki) }; } else { + code = S(code).unescapeHTML().s; var languages = hljs.listLanguages(); if (languages.indexOf(reallang) == -1) { var result = hljs.highlightAuto(code); @@ -827,6 +833,7 @@ function scrollToHash() { function highlightRender(code, lang) { if (!lang || /no(-?)highlight|plain|text/.test(lang)) return; + code = S(code).escapeHTML().s if (lang == 'sequence') { return '<div class="sequence-diagram raw">' + code + '</div>'; } else if (lang == 'flow') { |