mirror of
https://github.com/miniflux/v2.git
synced 2025-08-01 17:38:37 +00:00
Do not escape HTML for Atom 1.0 text content during parsing
Avoid encoding single quotes to HTML entities ('). Feed contents are sanitized after parsing.
This commit is contained in:
Frédéric Guillot
parent
2f3708d40c
commit
4f358aa0f3
2 changed files with 59 additions and 5 deletions
|
|
@ -6,7 +6,6 @@ package atom // import "miniflux.app/reader/atom"
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/xml"
|
"encoding/xml"
|
||||||
"html"
|
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
@ -221,10 +220,8 @@ func (a *atom10Text) String() string {
|
||||||
switch {
|
switch {
|
||||||
case a.Type == "xhtml":
|
case a.Type == "xhtml":
|
||||||
content = a.XML
|
content = a.XML
|
||||||
case a.Type == "html":
|
default:
|
||||||
content = a.Data
|
content = a.Data
|
||||||
case a.Type == "text" || a.Type == "":
|
|
||||||
content = html.EscapeString(a.Data)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return strings.TrimSpace(content)
|
return strings.TrimSpace(content)
|
||||||
|
|
|
||||||
|
|
@ -359,7 +359,7 @@ func TestParseEntrySummaryWithPlainText(t *testing.T) {
|
||||||
t.Fatal(err)
|
t.Fatal(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if feed.Entries[0].Content != "<Some text.>" {
|
if feed.Entries[0].Content != "<Some text.>" {
|
||||||
t.Errorf("Incorrect entry content, got: %s", feed.Entries[0].Content)
|
t.Errorf("Incorrect entry content, got: %s", feed.Entries[0].Content)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -599,6 +599,63 @@ func TestParseInvalidXml(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestParseTitleWithSingleQuote(t *testing.T) {
|
||||||
|
data := `
|
||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<feed xmlns="http://www.w3.org/2005/Atom">
|
||||||
|
<title>' or ’</title>
|
||||||
|
<link href="http://example.org/"/>
|
||||||
|
</feed>
|
||||||
|
`
|
||||||
|
|
||||||
|
feed, err := Parse(bytes.NewBufferString(data))
|
||||||
|
if err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if feed.Title != "' or ’" {
|
||||||
|
t.Errorf(`Incorrect title, got: %q`, feed.Title)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestParseTitleWithEncodedSingleQuote(t *testing.T) {
|
||||||
|
data := `
|
||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<feed xmlns="http://www.w3.org/2005/Atom">
|
||||||
|
<title type="html">Test's Blog</title>
|
||||||
|
<link href="http://example.org/"/>
|
||||||
|
</feed>
|
||||||
|
`
|
||||||
|
|
||||||
|
feed, err := Parse(bytes.NewBufferString(data))
|
||||||
|
if err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if feed.Title != "Test's Blog" {
|
||||||
|
t.Errorf(`Incorrect title, got: %q`, feed.Title)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestParseTitleWithSingleQuoteAndHTMLType(t *testing.T) {
|
||||||
|
data := `
|
||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<feed xmlns="http://www.w3.org/2005/Atom">
|
||||||
|
<title type="html">O’Hara</title>
|
||||||
|
<link href="http://example.org/"/>
|
||||||
|
</feed>
|
||||||
|
`
|
||||||
|
|
||||||
|
feed, err := Parse(bytes.NewBufferString(data))
|
||||||
|
if err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if feed.Title != "O’Hara" {
|
||||||
|
t.Errorf(`Incorrect title, got: %q`, feed.Title)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func TestParseWithHTMLEntity(t *testing.T) {
|
func TestParseWithHTMLEntity(t *testing.T) {
|
||||||
data := `
|
data := `
|
||||||
<?xml version="1.0" encoding="utf-8"?>
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue