Best-effort escaping markdown and adding links to urls and images
This commit is contained in:
parent
35481a61e3
commit
c3d35c8f70
|
@ -25,6 +25,7 @@ const ejs = require("ejs");
|
|||
const cookieEncrypter = require("cookie-encrypter");
|
||||
const expressLayouts = require("express-ejs-layouts");
|
||||
const mobileRoutes = require("./mobile-routes");
|
||||
const ejsUtils = require("ejs/lib/utils");
|
||||
|
||||
let mode = process.env.MODE || "client";
|
||||
|
||||
|
@ -110,13 +111,42 @@ app.use((_req, res, next) => {
|
|||
}
|
||||
return "/images/no-avatar.png";
|
||||
};
|
||||
|
||||
const BLOB_PATTERN = /(&.*?=\.sha\d+)/g;
|
||||
res.locals.topicTitle = (post) => {
|
||||
const title = post.content.title || post.content.text;
|
||||
const title = res.locals
|
||||
.escapeMarkdown(post.content.title || post.content.text)
|
||||
.replace(BLOB_PATTERN, "");
|
||||
if (title.length > 60) {
|
||||
return title.substr(0, 60) + "...";
|
||||
}
|
||||
return title;
|
||||
};
|
||||
res.locals.escapeMarkdown = (str) => {
|
||||
let result = ejsUtils.escapeXML(str);
|
||||
result = result.replace(/!\[.*?\]\((.*?)\)/g, `$1`); // Images
|
||||
result = result.replace(/\[(@.*?)\]\(@.*?\)/g, `$1`); // Link to mention
|
||||
result = result.replace(/\[.*?\]\((.*?)\)/g, `$1`); // Any Link
|
||||
result = result.replace(/^#+ /g, "");
|
||||
return result;
|
||||
};
|
||||
res.locals.htmlify = (str) => {
|
||||
let result = str;
|
||||
result = result.replace(
|
||||
BLOB_PATTERN,
|
||||
`<a target="_blank" href="/blob/$1">$1</a>`
|
||||
);
|
||||
result = result.replace(
|
||||
/(https?:\/\/\S+)/g,
|
||||
`<a target="_blank" href="$1">$1</a>`
|
||||
);
|
||||
result = result.replace(
|
||||
/( ([a-z-_]+\.)?[a-z-_]+\.[a-z]+(\/\S+))/g,
|
||||
` <a target="_blank" href="http://$1">$1</a>`
|
||||
);
|
||||
result = result.replace(/\n/g, "<br />");
|
||||
return result;
|
||||
};
|
||||
next();
|
||||
});
|
||||
|
||||
|
|
|
@ -40,7 +40,7 @@ const serveBlobs = (sbot) => {
|
|||
setTimeout(() => {
|
||||
debug("timeout for", hash);
|
||||
wrappedCb(null, false);
|
||||
}, 1000);
|
||||
}, 5000);
|
||||
|
||||
sbot.blobs.has(hash, function (err, has) {
|
||||
if (err) return wrappedCb(err);
|
||||
|
|
|
@ -10,14 +10,12 @@
|
|||
<a href="<%= profileUrl(post.author) %>" class="no-link-style">
|
||||
<b><%= post.authorProfile.name %></b>
|
||||
</a>
|
||||
<% let text = post.content.text %>
|
||||
<% let text = escapeMarkdown(post.content.text) %>
|
||||
<% if (typeof dont_cut == "undefined") { %>
|
||||
<% text = post.content.text.slice(0, 140) %>
|
||||
<% text = text.slice(0, 140) %>
|
||||
<% if (post.content.text.length > 140) text += "..." %>
|
||||
<% } %>
|
||||
<% text.split("\n").map((line, index) => { %>
|
||||
<%- index > 0 ? "<br />" : "" %><%= line %>
|
||||
<% }) %>
|
||||
<%- htmlify(text) %>
|
||||
</div>
|
||||
</div>
|
||||
<% }) %>
|
|
@ -5,7 +5,7 @@
|
|||
<% posts.map(post => { %>
|
||||
<a href="/communities/<%= community.name %>/<%= post.key.replace("%", "") %>" class="columns community-topic-link">
|
||||
<div class="community-topic-name">
|
||||
<%= topicTitle(post.value) %>
|
||||
<%- topicTitle(post.value) %>
|
||||
</div>
|
||||
<div class="community-topic-replies">💬 <%= post.value.replies.length %> replies</div>
|
||||
</a>
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
<% if (posts.length > 0) { %>
|
||||
<h1><%= topicTitle(posts[0].value) %></h1>
|
||||
<h1><%- topicTitle(posts[0].value) %></h1>
|
||||
<%- include("../_posts", { posts: posts.map(x => x.value), dont_cut: true }) %>
|
||||
|
||||
<form action="/communities/<%= community.name %>/<%= posts[0].key.replace("%", "") %>/publish" method="POST" style="padding-top: 20px; border-top: 1px solid #ddd;">
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
<div style="padding-left: 20px">
|
||||
<h1><%= profile.name %></h1>
|
||||
|
||||
<%= profile.description %>
|
||||
<%- escapeMarkdown(profile.description || "").substr(0, 70) %>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<% posts.map(post => { %>
|
||||
<a href="/communities/<%= community.name %>/<%= post.key.replace("%", "") %>" class="columns community-topic-link">
|
||||
<div class="community-topic-name">
|
||||
<%= topicTitle(post.value) %>
|
||||
<%- topicTitle(post.value) %>
|
||||
</div>
|
||||
<div class="community-topic-replies" style="text-align: right;">💬 <%= post.value.replies.length %> replies</div>
|
||||
</a>
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
⬅ #<%= community.name %>
|
||||
</a>
|
||||
</h2>
|
||||
<h1><%= topicTitle(posts[0].value) %></h1>
|
||||
<h1><%- topicTitle(posts[0].value) %></h1>
|
||||
</div>
|
||||
<%- include("../../_posts", { posts: posts.map(x => x.value), dont_cut: true }) %>
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
<div style="padding-left: 20px">
|
||||
<h1><%= profile.name %></h1>
|
||||
|
||||
<%= profile.description %>
|
||||
<%- escapeMarkdown(profile.description || "").substr(0, 70) %>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
<div style="padding-left: 10px; max-width: calc(100% - 128px)">
|
||||
<h1><%= profile.name %></h1>
|
||||
|
||||
<%= (profile.description || "").substr(0, 70) %>
|
||||
<%- escapeMarkdown(profile.description || "").substr(0, 70) %>
|
||||
|
||||
<% if (friendshipStatus == "request_received") { %>
|
||||
<p><%= profile.name %> sent you a friendship request</p>
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
<div style="margin-left: 14px">✅ Friends</div>
|
||||
<% } %>
|
||||
</div>
|
||||
<div style="margin-bottom: 20px;"><%= (profile.description || "").substr(0, 70) %></div>
|
||||
<div style="margin-bottom: 20px;"><%- escapeMarkdown(profile.description || "").substr(0, 70) %></div>
|
||||
|
||||
<% if (friendshipStatus == "request_received") { %>
|
||||
<p><%= profile.name %> sent you a friendship request</p>
|
||||
|
|
Loading…
Reference in New Issue