Skip to content

Commit 16faad9

Browse files
wxiaoguangwxiaoguang
committed
fix
1 parent e94f8d5 commit 16faad9

File tree

2 files changed

+11
-4
lines changed

2 files changed

+11
-4
lines changed

modules/markup/html.go

+2-1
Original file line numberDiff line numberDiff line change
@@ -85,7 +85,8 @@ var globalVars = sync.OnceValue(func() *globalVarsType {
8585
// codePreviewPattern matches "http://domain/.../{owner}/{repo}/src/commit/{commit}/{filepath}#L10-L20"
8686
v.codePreviewPattern = regexp.MustCompile(`https?://\S+/([^\s/]+)/([^\s/]+)/src/commit/([0-9a-f]{7,64})(/\S+)#(L\d+(-L\d+)?)`)
8787

88-
v.tagCleaner = regexp.MustCompile(`<((?:/?\w+/\w+)|(?:/[\w ]+/)|(/?[hH][tT][mM][lL]\b)|(/?[hH][eE][aA][dD]\b))`)
88+
// cleans: "<foo/bar", "<any words/", ("<html", "<head", "<script", "<style")
89+
v.tagCleaner = regexp.MustCompile(`(?i)<(/?\w+/\w+|/[\w ]+/|/?(html|head|script|style\b))`)
8990
v.nulCleaner = strings.NewReplacer("\000", "")
9091
return v
9192
})

modules/markup/html_test.go

+9-3
Original file line numberDiff line numberDiff line change
@@ -469,7 +469,7 @@ func Test_ParseClusterFuzz(t *testing.T) {
469469
assert.NotContains(t, res.String(), "<html")
470470
}
471471

472-
func TestPostProcess_RenderDocument(t *testing.T) {
472+
func TestPostProcess(t *testing.T) {
473473
setting.StaticURLPrefix = markup.TestAppURL // can't run standalone
474474
defer testModule.MockVariableValue(&markup.RenderBehaviorForTesting.DisableAdditionalAttributes, true)()
475475

@@ -480,7 +480,7 @@ func TestPostProcess_RenderDocument(t *testing.T) {
480480
assert.Equal(t, strings.TrimSpace(expected), strings.TrimSpace(res.String()))
481481
}
482482

483-
// Issue index shouldn't be post processing in a document.
483+
// Issue index shouldn't be post-processing in a document.
484484
test(
485485
"#1",
486486
"#1")
@@ -490,7 +490,7 @@ func TestPostProcess_RenderDocument(t *testing.T) {
490490
"go-gitea/gitea#12345",
491491
`<a href="/go-gitea/gitea/issues/12345" class="ref-issue">go-gitea/gitea#12345</a>`)
492492

493-
// Test that other post processing still works.
493+
// Test that other post-processing still works.
494494
test(
495495
":gitea:",
496496
`<span class="emoji" aria-label="gitea"><img alt=":gitea:" src="`+setting.StaticURLPrefix+`/assets/img/emoji/gitea.png"/></span>`)
@@ -499,6 +499,12 @@ func TestPostProcess_RenderDocument(t *testing.T) {
499499
`Some text with <span class="emoji" aria-label="grinning face with smiling eyes">😄</span> in the middle`)
500500
test("http://localhost:3000/person/repo/issues/4#issuecomment-1234",
501501
`<a href="http://localhost:3000/person/repo/issues/4#issuecomment-1234" class="ref-issue">person/repo#4 (comment)</a>`)
502+
503+
// special tags, GitHub's behavior, and for unclosed tags, output as text content as much as possible
504+
test("<script>a", `&lt;script&gt;a`)
505+
test("<script>a</script>", `&lt;script&gt;a&lt;/script&gt;`)
506+
test("<STYLE>a", `&lt;STYLE&gt;a`)
507+
test("<style>a</STYLE>", `&lt;style&gt;a&lt;/STYLE&gt;`)
502508
}
503509

504510
func TestIssue16020(t *testing.T) {

0 commit comments

Comments
 (0)