Escape user input <ins> and <del> elements in logs

thiloho
2025-04-06 16:43:12 +02:00
parent 70a81158ef
commit 5a6214878f
2 changed files with 10 additions and 13 deletions


@@ -80,17 +80,18 @@ export const actions: Actions = {
const htmlDiff = (oldValue: string, newValue: string) => {
const diff = dmp.diff_main(oldValue, newValue);
dmp.diff_cleanupSemantic(diff);
return diff
.map(([op, text]) => {
const escapedText = text.replace(/</g, "&lt;").replace(/>/g, "&gt;");
switch (op) {
case 1:
return `<ins>${text}</ins>`;
return `<ins>${escapedText}</ins>`;
case -1:
return `<del>${text}</del>`;
return `<del>${escapedText}</del>`;
default:
return text;
return escapedText;
}
})
.join("");
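Review bot: The new `escapedText` line ahead of the `switch` escapes `<` and `>` but leaves `&` alone, so input that already contains entity text such as `&lt;b&gt;` is decoded by the browser and the log shows something other than what the user entered. No tag can be opened this way, but the diff stops being a faithful record, and the string would not be safe if reused inside an attribute because quotes are untouched. Escape the ampersand first: `const escapedText = text.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");`. A short comment such as `// returned string is rendered as raw HTML; every segment must be escaped here` would record why, assuming the template inserts the result unescaped, which this hunk does not show. The body of `htmlDiff` closes outside the hunk.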