fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-03 16:51:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

Fix #2197 preserve position of data-file-srl attribute and trailing slash in tags

Browse source
This commit is contained in:
Kijin Sung 2023-10-06 22:49:15 +09:00
parent 221602ceb8
commit 321d0ea88c
2 changed files with 8 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

7
common/framework/filters/HTMLFilter.php
View file

@ -333,6 +333,7 @@ class HTMLFilter
$def->addAttribute('div', 'contenteditable', 'Enum#false');
// Support editor components and widgets.
$def->addAttribute('img', 'data-file-srl', 'Number');
$def->addAttribute('img', 'editor_component', 'Text');
$def->addAttribute('div', 'editor_component', 'Text');
$def->addAttribute('img', 'rx_encoded_properties', 'Text');
@ -702,6 +703,10 @@ class HTMLFilter
$html = preg_replace_callback('!\s(data-[a-zA-Z0-9_-]+)="([^"]*)"!', function($attr) use(&$attrs) {
$attrkey = strtolower($attr[1]);
$attrval = trim(utf8_normalize_spaces(utf8_clean(html_entity_decode($attr[2]))));
if (preg_match('/^(data-file-srl)$/', $attrkey))
{
return $attr[0];
}
if (preg_match('/^javascript:/i', preg_replace('/\s+/', '', $attrval)))
{
return '';
@ -715,7 +720,7 @@ class HTMLFilter
}, $match[0]);
$encoded_datas = base64_encode(json_encode($attrs));
$encoded_datas = $encoded_datas . ':' . Security::createSignature($encoded_datas);
return substr($html, 0, -1) . ' rx_encoded_datas="' . $encoded_datas . '">';
return rtrim($html, ' />') . ' rx_encoded_datas="' . $encoded_datas . '"' . (preg_match('!/>$!', $html) ? ' />' : '>');
}, $content);
}

4
tests/unit/framework/filters/HTMLFilterTest.php
View file

@ -270,8 +270,8 @@ class HTMLFilterTest extends \Codeception\TestCase\Test
$target = '<div style="width:100%;" data-foo="foobar" data-bar="bazz">Hello World</div>';
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
$source = '<a href="#" data-not-properly-encoded="Rhymix\'s Future">Hello World</a>';
$target = '<a href="#" data-not-properly-encoded="Rhymix&#039;s Future">Hello World</a>';
$source = '<img src="test.jpg" data-file-srl="123" alt="TEST" data-not-properly-encoded="Rhymix\'s Future" width="174" />';
$target = '<img src="test.jpg" data-file-srl="123" alt="TEST" width="174" data-not-properly-encoded="Rhymix&#039;s Future" />';
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
$source = '<article nonsense="#" data-json="{&quot;foo&quot;:[&quot;bar&quot;,777]}"><p>Hello World<p></article>';