From a7c387b790a3e21653a5cbd9a5df052ae004eb24 Mon Sep 17 00:00:00 2001 From: Kevin Batdorf Date: Sun, 8 Jan 2023 10:35:44 -0500 Subject: [PATCH 1/2] Escape and ecode html --- package-lock.json | 2 ++ package.json | 2 ++ src/editor/Edit.tsx | 11 +++++++---- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2dbed17..1eba781 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,7 +13,9 @@ "@wordpress/block-editor": "11.1.0", "@wordpress/blocks": "12.1.0", "@wordpress/element": "5.1.0", + "@wordpress/escape-html": "^2.24.0", "@wordpress/hooks": "3.24.0", + "@wordpress/html-entities": "^3.24.0", "@wordpress/i18n": "4.24.0", "copy-to-clipboard": "3.3.3", "react-simple-code-editor": "0.13.1", diff --git a/package.json b/package.json index 5bd3cd6..a3eb8ab 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,9 @@ "@wordpress/block-editor": "11.1.0", "@wordpress/blocks": "12.1.0", "@wordpress/element": "5.1.0", + "@wordpress/escape-html": "^2.24.0", "@wordpress/hooks": "3.24.0", + "@wordpress/html-entities": "^3.24.0", "@wordpress/i18n": "4.24.0", "copy-to-clipboard": "3.3.3", "react-simple-code-editor": "0.13.1", diff --git a/src/editor/Edit.tsx b/src/editor/Edit.tsx index 2bc7c5a..632cc14 100644 --- a/src/editor/Edit.tsx +++ b/src/editor/Edit.tsx @@ -4,7 +4,9 @@ import { useLayoutEffect, useRef, } from '@wordpress/element'; +import { escapeHTML } from '@wordpress/escape-html'; import { applyFilters } from '@wordpress/hooks'; +import { decodeEntities } from '@wordpress/html-entities'; import { sprintf, __ } from '@wordpress/i18n'; import { colord } from 'colord'; import Editor from 'react-simple-code-editor'; @@ -39,7 +41,8 @@ export const Edit = ({ } = attributes; const textAreaRef = useRef(null); - const handleChange = (code: string) => setAttributes({ code }); + const handleChange = (code: string) => + setAttributes({ code: escapeHTML(code) }); const { previousLanguage } = useLanguageStore(); const { highlighter, error, loading } = useTheme({ theme, @@ -80,7 +83,7 @@ export const Edit = ({ setAttributes({ codeHTML: applyFilters( 'blocks.codeBlockPro.codeHTML', - highlighter.codeToHtml(code, { + highlighter.codeToHtml(decodeEntities(code), { lang: language ?? previousLanguage, lineOptions: [...getHighlights(), ...getBlurs()], }), @@ -171,7 +174,7 @@ export const Edit = ({ return (
highlighter - ?.codeToHtml(code, { + ?.codeToHtml(decodeEntities(code), { lang: language ?? previousLanguage, lineOptions: [...getHighlights(), ...getBlurs()], }) From f6038126e65241dd74f6fd5ed919e864784bb2c5 Mon Sep 17 00:00:00 2001 From: Kevin Batdorf Date: Sun, 8 Jan 2023 10:37:29 -0500 Subject: [PATCH 2/2] Update readme --- readme.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/readme.txt b/readme.txt index 6c8fb57..d28279f 100644 --- a/readme.txt +++ b/readme.txt @@ -238,6 +238,8 @@ Themes are rendered inside the editor as you type or make changes, so the code b == Changelog == +- Fix: encode and deocde html entities + = 1.11.2 - 2023-01-04 = - Fix: Update shiki renderer wasm loader to use ArrayBuffer - Tweak: Expose init function as global to allow late init