diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/data/things/language.js | 16 | ||||
| -rw-r--r-- | src/html.js | 35 |
2 files changed, 19 insertions, 32 deletions
diff --git a/src/data/things/language.js b/src/data/things/language.js index 7750a1b3..46cff26a 100644 --- a/src/data/things/language.js +++ b/src/data/things/language.js @@ -171,7 +171,7 @@ export class Language extends Thing { if (!(strings || inheritedStrings)) return null; const allStrings = {...inheritedStrings, ...strings}; return Object.fromEntries( - Object.entries(allStrings).map(([k, v]) => [k, this.escapeHTML(v)]) + Object.entries(allStrings).map(([k, v]) => [k, html.escape(v)]) ); }, }, @@ -202,18 +202,6 @@ export class Language extends Thing { } } - escapeHTML(string) { - // https://html.spec.whatwg.org/multipage/parsing.html#escapingString - - string = string - .replaceAll('&', '&') - .replaceAll('\u00a0', ' ') - .replaceAll('<', '<') - .replaceAll('>', '>'); - - return string; - } - getUnitForm(value) { this.assertIntlAvailable('intl_pluralCardinal'); return this.intl_pluralCardinal.select(value); @@ -438,7 +426,7 @@ export class Language extends Thing { #sanitizeValueForInsertion(value) { switch (typeof value) { case 'string': - return this.escapeHTML(value); + return html.escape(value); case 'number': case 'boolean': diff --git a/src/html.js b/src/html.js index eb783ac6..0a868ebd 100644 --- a/src/html.js +++ b/src/html.js @@ -359,6 +359,22 @@ export function normalize(content) { return Tag.normalize(content); } +export function escape(string, {attribute = false} = {}) { + // https://html.spec.whatwg.org/multipage/parsing.html#escapingString + + string = string + .replaceAll('&', '&') + .replaceAll('\u00a0', ' ') + .replaceAll('<', '<') + .replaceAll('>', '>'); + + if (attribute) { + string = string.replaceAll('"', '"'); + } + + return string; +} + export class Tag { #tagName = ''; #content = null; @@ -1343,7 +1359,7 @@ export class Attributes { attributeKeyValues .map(([key, value]) => { const keyPart = key; - const escapedValue = this.#escapeAttributeValue(value); + const escapedValue = escape(value.toString(), {attribute: true}); const valuePart = (color ? colors.green(`"${escapedValue}"`) @@ -1419,23 +1435,6 @@ export class Attributes { } } - #escapeAttributeValue(value) { - // https://html.spec.whatwg.org/multipage/parsing.html#escapingString - - // assumes the containing attribute value token is written - // with double quotes - - value = value - .toString() - .replaceAll('&', '&') - .replaceAll('\u00a0', ' ') - .replaceAll('<', '<') - .replaceAll('>', '>') - .replaceAll('"', '"'); - - return value; - } - static parse(string) { const attributes = Object.create(null); |