Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-11-02 19:36:12 +01:00
Code Issues Packages Projects Releases Activity

fix clipping selection can create multiple notes for the same Url

Browse Source 
sanitize was replacing '&' char to '&'and changing actual Url
This commit is contained in:
contributor
2023-01-03 20:44:31 +02:00
parent f02ad63e97
commit 85a6e8b47e
2 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/routes/api/clipper.js
View File

@@ -47,6 +47,7 @@ function addClipping(req) {
const clipperInbox = getClipperInboxNote();
pageUrl = htmlSanitizer.sanitizeUrl(pageUrl);
let clippingNote = findClippingNote(clipperInbox, pageUrl);
if (!clippingNote) {
@@ -57,8 +58,6 @@ function addClipping(req) {
type: 'text'
}).note;
pageUrl = htmlSanitizer.sanitize(pageUrl);
clippingNote.setLabel('clipType', 'clippings');
clippingNote.setLabel('pageUrl', pageUrl);
clippingNote.setLabel('iconClass', 'bx bx-globe');
@@ -96,7 +95,7 @@ function createNote(req) {
note.setLabel('clipType', clipType);
if (pageUrl) {
pageUrl = htmlSanitizer.sanitize(pageUrl);
pageUrl = htmlSanitizer.sanitizeUrl(pageUrl);
note.setLabel('pageUrl', pageUrl);
note.setLabel('iconClass', 'bx bx-globe');

4
src/services/html_sanitizer.js
View File

@@ -1,4 +1,5 @@
const sanitizeHtml = require('sanitize-html');
const sanitizeUrl = require('@braintree/sanitize-url').sanitizeUrl;
// intended mainly as protection against XSS via import
// secondarily it (partly) protects against "CSS takeover"
@@ -48,5 +49,6 @@ function sanitize(dirtyHtml) {
}
module.exports = {
sanitize
sanitize,
sanitizeUrl
};