From 7c40b44a15fd6028e17fcaa6656338e832f53f6b Mon Sep 17 00:00:00 2001 From: Liang Ding Date: Wed, 28 Dec 2022 17:07:59 +0800 Subject: [PATCH] =?UTF-8?q?:art:=20=E6=90=9C=E7=B4=A2=E7=BB=93=E6=9E=9C?= =?UTF-8?q?=E9=AB=98=E4=BA=AE=E6=94=AF=E6=8C=81=E5=A4=A7=E9=83=A8=E5=88=86?= =?UTF-8?q?=E8=A1=8C=E7=BA=A7=E5=85=83=E7=B4=A0=20https://github.com/siyua?= =?UTF-8?q?n-note/siyuan/issues/6745?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- kernel/api/block.go | 4 ++++ kernel/api/search.go | 3 +-- kernel/api/template.go | 5 ++--- kernel/model/blockinfo.go | 7 ++++--- kernel/model/render.go | 3 ++- kernel/model/search.go | 5 ++--- kernel/model/tag.go | 3 +-- kernel/search/mark.go | 6 +++--- kernel/util/string.go | 16 ++++++++++++++++ 9 files changed, 35 insertions(+), 17 deletions(-) diff --git a/kernel/api/block.go b/kernel/api/block.go index fe122fb7c..1ee9b5d40 100644 --- a/kernel/api/block.go +++ b/kernel/api/block.go @@ -269,6 +269,10 @@ func getRefIDs(c *gin.Context) { return } + if nil == arg["id"] { + arg["id"] = "" + } + id := arg["id"].(string) refIDs, refTexts, defIDs := model.GetBlockRefIDs(id) ret.Data = map[string][]string{ diff --git a/kernel/api/search.go b/kernel/api/search.go index 906dd0e6a..a55b86438 100644 --- a/kernel/api/search.go +++ b/kernel/api/search.go @@ -21,7 +21,6 @@ import ( "strings" "github.com/88250/gulu" - "github.com/88250/lute/html" "github.com/gin-gonic/gin" "github.com/siyuan-note/siyuan/kernel/model" "github.com/siyuan-note/siyuan/kernel/util" @@ -182,7 +181,7 @@ func searchRefBlock(c *gin.Context) { ret.Data = map[string]interface{}{ "blocks": blocks, "newDoc": newDoc, - "k": html.EscapeHTMLStr(keyword), + "k": util.EscapeHTML(keyword), "reqId": arg["reqId"], } } diff --git a/kernel/api/template.go b/kernel/api/template.go index 433f5b751..5bf5c88b9 100644 --- a/kernel/api/template.go +++ b/kernel/api/template.go @@ -20,7 +20,6 @@ import ( "net/http" "github.com/88250/gulu" - "github.com/88250/lute/html" "github.com/gin-gonic/gin" "github.com/siyuan-note/siyuan/kernel/model" "github.com/siyuan-note/siyuan/kernel/util" @@ -40,7 +39,7 @@ func docSaveAsTemplate(c *gin.Context) { code, err := model.DocSaveAsTemplate(id, overwrite) if nil != err { ret.Code = -1 - ret.Msg = html.EscapeString(err.Error()) + ret.Msg = util.EscapeHTML(err.Error()) return } ret.Code = code @@ -60,7 +59,7 @@ func renderTemplate(c *gin.Context) { content, err := model.RenderTemplate(p, id) if nil != err { ret.Code = -1 - ret.Msg = html.EscapeString(err.Error()) + ret.Msg = util.EscapeHTML(err.Error()) return } diff --git a/kernel/model/blockinfo.go b/kernel/model/blockinfo.go index 59d238e99..ea5b9bcee 100644 --- a/kernel/model/blockinfo.go +++ b/kernel/model/blockinfo.go @@ -26,7 +26,6 @@ import ( "github.com/88250/gulu" "github.com/88250/lute/ast" - "github.com/88250/lute/html" "github.com/88250/lute/parse" "github.com/siyuan-note/logging" "github.com/siyuan-note/siyuan/kernel/sql" @@ -124,6 +123,8 @@ func getNodeRefText(node *ast.Node) string { func GetBlockRefIDs(id string) (refIDs, refTexts, defIDs []string) { refIDs = []string{} + refTexts = []string{} + defIDs = []string{} bt := treenode.GetBlockTree(id) if nil == bt { return @@ -237,9 +238,9 @@ func buildBlockBreadcrumb(node *ast.Node, excludeTypes []string) (ret []*BlockPa fc = fc.Next } - name := html.EscapeHTMLStr(parent.IALAttr("name")) + name := util.EscapeHTML(parent.IALAttr("name")) if ast.NodeDocument == parent.Type { - name = html.EscapeHTMLStr(path.Join(boxName, hPath)) + name = util.EscapeHTML(path.Join(boxName, hPath)) } else { if "" == name { if ast.NodeListItem == parent.Type { diff --git a/kernel/model/render.go b/kernel/model/render.go index 31453d4ad..79e6a5912 100644 --- a/kernel/model/render.go +++ b/kernel/model/render.go @@ -28,6 +28,7 @@ import ( "github.com/88250/lute/render" "github.com/siyuan-note/siyuan/kernel/sql" "github.com/siyuan-note/siyuan/kernel/treenode" + "github.com/siyuan-note/siyuan/kernel/util" ) func renderOutline(node *ast.Node, luteEngine *lute.Lute) (ret string) { @@ -71,7 +72,7 @@ func renderBlockText(node *ast.Node, excludeTypes []string) (ret string) { ret = treenode.NodeStaticContent(node, excludeTypes) ret = strings.TrimSpace(ret) ret = strings.ReplaceAll(ret, "\n", "") - ret = html.EscapeString(ret) + ret = util.EscapeHTML(ret) ret = strings.TrimSpace(ret) if "" == ret { // 复制内容为空的块作为块引用时粘贴无效 https://github.com/siyuan-note/siyuan/issues/4962 diff --git a/kernel/model/search.go b/kernel/model/search.go index 8be0855c8..923226f59 100644 --- a/kernel/model/search.go +++ b/kernel/model/search.go @@ -31,7 +31,6 @@ import ( "github.com/88250/gulu" "github.com/88250/lute" "github.com/88250/lute/ast" - "github.com/88250/lute/html" "github.com/88250/lute/lex" "github.com/88250/lute/parse" "github.com/jinzhu/copier" @@ -228,7 +227,7 @@ func FindReplace(keyword, replacement string, ids []string, method int) (err err } case ast.NodeTextMark: if n.IsTextMarkType("code") { - escapedKey := html.EscapeString(keyword) + escapedKey := util.EscapeHTML(keyword) if 0 == method { if strings.Contains(n.TextMarkTextContent, escapedKey) { n.TextMarkTextContent = strings.ReplaceAll(n.TextMarkTextContent, escapedKey, replacement) @@ -692,7 +691,7 @@ func markSearch(text string, keyword string, beforeLen int) (marked string, scor marked = text if strings.Contains(marked, search.SearchMarkLeft) { // 使用 FTS snippet() 处理过高亮片段,这里简单替换后就返回 - marked = html.EscapeString(text) + marked = util.EscapeHTML(text) marked = strings.ReplaceAll(marked, search.SearchMarkLeft, "") marked = strings.ReplaceAll(marked, search.SearchMarkRight, "") return diff --git a/kernel/model/tag.go b/kernel/model/tag.go index 96baabc13..875ae6fc5 100644 --- a/kernel/model/tag.go +++ b/kernel/model/tag.go @@ -24,7 +24,6 @@ import ( "github.com/88250/gulu" "github.com/88250/lute/ast" - "github.com/88250/lute/html" "github.com/emirpasic/gods/sets/hashset" "github.com/facette/natsort" "github.com/siyuan-note/logging" @@ -360,7 +359,7 @@ func buildTags(root Tags, labels []string, depth int) Tags { } } if i == len(root) { - root = append(root, &Tag{Name: html.EscapeHTMLStr(labels[0]), Type: "tag", Depth: depth}) + root = append(root, &Tag{Name: util.EscapeHTML(labels[0]), Type: "tag", Depth: depth}) } depth++ root[i].tags = buildTags(root[i].tags, labels[1:], depth) diff --git a/kernel/search/mark.go b/kernel/search/mark.go index 92b209a1e..027d1a36c 100644 --- a/kernel/search/mark.go +++ b/kernel/search/mark.go @@ -21,14 +21,14 @@ import ( "strings" "unicode/utf8" - "github.com/88250/lute/html" + "github.com/siyuan-note/siyuan/kernel/util" ) func MarkText(text string, keyword string, beforeLen int, caseSensitive bool) (pos int, marked string) { if "" == keyword { - return -1, html.EscapeString(text) + return -1, util.EscapeHTML(text) } - text = html.EscapeString(text) + text = util.EscapeHTML(text) keywords := SplitKeyword(keyword) marked = EncloseHighlighting(text, keywords, "", "", caseSensitive) diff --git a/kernel/util/string.go b/kernel/util/string.go index 6f25cb255..d982cfcf6 100644 --- a/kernel/util/string.go +++ b/kernel/util/string.go @@ -16,6 +16,22 @@ package util +import ( + "strings" + + "github.com/88250/lute/html" +) + +func EscapeHTML(s string) string { + if strings.Contains(s, "&") { + return s + } + if strings.ContainsAny(s, "<>\"'") { + return html.EscapeString(s) + } + return s +} + func Reverse(s string) string { runes := []rune(s) for i, j := 0, len(runes)-1; i < j; i, j = i+1, j-1 {