commit:     690ef9d882b7cb66e7cc93409cf91175f4cc45e1
Author:     Göktürk Yüksek <gokturk <AT> gentoo <DOT> org>
AuthorDate: Wed Dec 11 01:23:07 2019 +0000
Commit:     Göktürk Yüksek <gokturk <AT> gentoo <DOT> org>
CommitDate: Thu Dec 19 20:58:11 2019 +0000
URL:        https://gitweb.gentoo.org/proj/devmanual.git/commit/?id=690ef9d8

search.js: escape HTML/XML tags returned in search results

build_search_documents.py unescapes the escaped tags when creating an
index. This is desired as lunr doesn't index them otherwise. For
example it indexes '<warning>' properly but not
'&lt;warning&gt;'. When we display them on the browser though, we need
to escape them again so that they are not interpreted as real tags.

Signed-off-by: Göktürk Yüksek <gokturk <AT> gentoo.org>

 search.js | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/search.js b/search.js
index 9cbf05a..aae7bcf 100644
--- a/search.js
+++ b/search.js
@@ -33,6 +33,21 @@ function getContents(docs, uid) {
   return contents;
 }
 
+function escapeHTML(str) {
+  return str.replace(/[&<"']/g, function(m) {
+    switch (m) {
+    case '&':
+      return '&amp;';
+    case '<':
+      return '&lt;';
+    case '"':
+      return '&quot;';
+    default:
+      return '&#039;';
+    }
+  });
+};
+
 function search() {
   var term = document.getElementById("searchInput").value;
   if (term !== "") {
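Review bot: The character class in `escapeHTML` omits `>`, so an indexed `<warning>` is rendered from `&lt;warning>` rather than the `&lt;warning&gt;` form the commit message describes. Escaping `<` alone keeps a tag from opening in element content, but the function is named as a general HTML escaper and may later be reused in other contexts. I would change the pattern to `/[&<>"']/g` and add `case '>': return '&gt;';`. A short doc comment such as `// Escapes &, <, >, " and ' for use in HTML element content and quoted attribute values; not safe for unquoted attributes, URLs or script contexts.` would record the intended scope. The `};` closing the function declaration is a stray empty statement and can be just `}`.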
@@ -57,14 +72,14 @@ function search() {
         });
 
         for (var i = 0; i < positions.length; i++) {
-          text += contents.text.substring(pos, positions[i][0]);
+          text += escapeHTML(contents.text.substring(pos, positions[i][0]));
           pos = positions[i][0];
           text += "<span style='background-color: yellow;'>";
-          text += contents.text.substring(pos, pos + positions[i][1]);
+          text += escapeHTML(contents.text.substring(pos, pos + 
positions[i][1]));
           pos += positions[i][1];
           text += "</span>";
         }
-        text += contents.text.substring(pos);
+        text += escapeHTML(contents.text.substring(pos));
 
         $("#searchResults .modal-body").append(`<article><h5><a 
href="${contents.url}">
                                                 
${contents.name}</a></h5><p>${text}</p></article>`);
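Review bot: `contents.url` and `contents.name` are still interpolated unescaped into the template literal passed to `.append()` at the end of this hunk, so only the body text gets the new escaping. If build_search_documents.py unescapes titles the same way it does body text (not visible here), a title containing `<...>` would be parsed as markup in the result heading. I would use `href="${escapeHTML(contents.url)}"` and `${escapeHTML(contents.name)}`, which also stops a quote in the URL from ending the attribute. `search()` begins before this hunk and continues after it, so any other places where these fields reach the DOM are not visible here.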
