Skip to content

Commit

Permalink
Merge pull request #5020 from wavetermdev/escape-html
Browse files Browse the repository at this point in the history
Escape Unsafe HTML Characters in addon-serialize
  • Loading branch information
Tyriar authored Apr 21, 2024
2 parents 499afa1 + 4310456 commit 1709d44
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 1 deletion.
10 changes: 10 additions & 0 deletions addons/addon-serialize/src/SerializeAddon.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,16 @@ describe('SerializeAddon', () => {
assert.equal((output.match(/<div><span>terminal<\/span><\/div>/g) || []).length, 1, output);
});

it('basic terminal with html unsafe chars', async () => {
await writeP(terminal, ' <a>&pi; ');
terminal.select(1, 0, 7);

const output = serializeAddon.serializeAsHTML({
onlySelection: true
});
assert.equal((output.match(/<div><span>&lt;a>&amp;pi;<\/span><\/div>/g) || []).length, 1, output);
});

it('cells with bold styling', async () => {
await writeP(terminal, ' ' + sgr('1') + 'terminal' + sgr('22') + ' ');

Expand Down
10 changes: 9 additions & 1 deletion addons/addon-serialize/src/SerializeAddon.ts
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,14 @@ function constrain(value: number, low: number, high: number): number {
return Math.max(low, Math.min(value, high));
}

function escapeHTMLChar(c: string): string {
switch (c) {
case '&': return '&amp;';
case '<': return '&lt;';
}
return c;
}

// TODO: Refine this template class later
abstract class BaseSerializeHandler {
constructor(
Expand Down Expand Up @@ -669,7 +677,7 @@ export class HTMLSerializeHandler extends BaseSerializeHandler {
if (isEmptyCell) {
this._currentRow += ' ';
} else {
this._currentRow += cell.getChars();
this._currentRow += escapeHTMLChar(cell.getChars());
}
}

Expand Down

0 comments on commit 1709d44

Please sign in to comment.