Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 16:46:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: add new escape option to getPostSummaryByPids [breaking]

Browse Source 
Changes logic so that the new `escape` option escapes HTML,
whereas the old behaviour had `parse: false` escape HTML.

Now, when `parse` is `false`, the content is unchanged.

Defaults are `{ parse: true, escape: false, stripTags: false }`
This commit is contained in:
Julian Lam
2024-09-05 10:40:20 -04:00
parent ba2c3fcef4
commit 16c8a6523a
2 changed files with 11 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/posts/diffs.js
View File

@@ -88,7 +88,7 @@ module.exports = function (Posts) {
getValidatedTimestamp(timestamp);
const [post, diffs, timestamps] = await Promise.all([
Posts.getPostSummaryByPids([pid], uid, { parse: false }),
Posts.getPostSummaryByPids([pid], uid, { parse: false, escape: true }),
Diffs.get(pid),
Diffs.list(pid),
]);
@@ -133,7 +133,7 @@ module.exports = function (Posts) {
async function postDiffLoad(pid, since, uid) {
// Retrieves all diffs made since `since` and replays them to reconstruct what the post looked like at `since`
const [post, diffs] = await Promise.all([
Posts.getPostSummaryByPids([pid], uid, { parse: false }),
Posts.getPostSummaryByPids([pid], uid, { parse: false, escape: true }),
Posts.diffs.get(pid, since),
]);

12
src/posts/summary.js
View File

@@ -19,6 +19,7 @@ module.exports = function (Posts) {
options.stripTags = options.hasOwnProperty('stripTags') ? options.stripTags : false;
options.parse = options.hasOwnProperty('parse') ? options.parse : true;
options.escape = options.hasOwnProperty('escape') ? options.escape : false;
options.extraFields = options.hasOwnProperty('extraFields') ? options.extraFields : [];
const fields = ['pid', 'tid', 'toPid', 'url', 'content', 'uid', 'timestamp', 'deleted', 'upvotes', 'downvotes', 'replies', 'handle'].concat(options.extraFields);
@@ -73,14 +74,19 @@ module.exports = function (Posts) {
async function parsePosts(posts, options) {
return await Promise.all(posts.map(async (post) => {
if (!post.content || !options.parse) {
post.content = post.content ? validator.escape(String(post.content)) : post.content;
if (!post.content) {
return post;
}
post = await Posts.parsePost(post);
if (options.parse) {
post = await Posts.parsePost(post);
}
if (options.stripTags) {
post.content = stripTags(post.content);
}
if (options.escape) {
post.content = post.content ? validator.escape(String(post.content)) : post.content;
}
return post;
}));
}