Commit cc543b6c authored by Douwe Maan's avatar Douwe Maan

Merge branch '36041-notification-title' into 'master'

Don't escape html entities in InlineDiffMarkdownMarker

Closes #36041

See merge request !13553
parents 6ed01ebf c271fdc8
---
title: Don't escape html entities in InlineDiffMarkdownMarker
merge_request:
author:
module Gitlab module Gitlab
class StringRangeMarker class StringRangeMarker
attr_accessor :raw_line, :rich_line attr_accessor :raw_line, :rich_line, :html_escaped
def initialize(raw_line, rich_line = raw_line) def initialize(raw_line, rich_line = nil)
@raw_line = raw_line @raw_line = raw_line.dup
if rich_line.nil?
@rich_line = raw_line.dup
@html_escaped = false
else
@rich_line = ERB::Util.html_escape(rich_line) @rich_line = ERB::Util.html_escape(rich_line)
@html_escaped = true
end
end end
def mark(marker_ranges) def mark(marker_ranges)
return rich_line unless marker_ranges return rich_line unless marker_ranges
if html_escaped
rich_marker_ranges = [] rich_marker_ranges = []
marker_ranges.each do |range| marker_ranges.each do |range|
# Map the inline-diff range based on the raw line to character positions in the rich line # Map the inline-diff range based on the raw line to character positions in the rich line
...@@ -17,6 +24,9 @@ module Gitlab ...@@ -17,6 +24,9 @@ module Gitlab
# Turn the array of character positions into ranges # Turn the array of character positions into ranges
rich_marker_ranges.concat(collapse_ranges(rich_positions)) rich_marker_ranges.concat(collapse_ranges(rich_positions))
end end
else
rich_marker_ranges = marker_ranges
end
offset = 0 offset = 0
# Mark each range # Mark each range
...@@ -31,7 +41,7 @@ module Gitlab ...@@ -31,7 +41,7 @@ module Gitlab
offset += text.length - original_text.length offset += text.length - original_text.length
end end
rich_line.html_safe @html_escaped ? rich_line.html_safe : rich_line
end end
private private
......
...@@ -135,10 +135,10 @@ describe DiffHelper do ...@@ -135,10 +135,10 @@ describe DiffHelper do
it "returns strings with marked inline diffs" do it "returns strings with marked inline diffs" do
marked_old_line, marked_new_line = mark_inline_diffs(old_line, new_line) marked_old_line, marked_new_line = mark_inline_diffs(old_line, new_line)
expect(marked_old_line).to eq(%q{abc <span class="idiff left right deletion">&#39;def&#39;</span>}) expect(marked_old_line).to eq(%q{abc <span class="idiff left right deletion">'def'</span>})
expect(marked_old_line).to be_html_safe expect(marked_old_line).not_to be_html_safe
expect(marked_new_line).to eq(%q{abc <span class="idiff left right addition">&quot;def&quot;</span>}) expect(marked_new_line).to eq(%q{abc <span class="idiff left right addition">"def"</span>})
expect(marked_new_line).to be_html_safe expect(marked_new_line).not_to be_html_safe
end end
end end
......
...@@ -6,9 +6,9 @@ describe Gitlab::Diff::InlineDiffMarkdownMarker do ...@@ -6,9 +6,9 @@ describe Gitlab::Diff::InlineDiffMarkdownMarker do
let(:inline_diffs) { [2..5] } let(:inline_diffs) { [2..5] }
let(:subject) { described_class.new(raw).mark(inline_diffs, mode: :deletion) } let(:subject) { described_class.new(raw).mark(inline_diffs, mode: :deletion) }
it 'marks the range' do it 'does not escape html etities and marks the range' do
expect(subject).to eq("ab{-c &#39;d-}ef&#39;") expect(subject).to eq("ab{-c 'd-}ef'")
expect(subject).to be_html_safe expect(subject).not_to be_html_safe
end end
end end
end end
...@@ -2,11 +2,13 @@ require 'spec_helper' ...@@ -2,11 +2,13 @@ require 'spec_helper'
describe Gitlab::Diff::InlineDiffMarker do describe Gitlab::Diff::InlineDiffMarker do
describe '#mark' do describe '#mark' do
context "when the rich text is html safe" do let(:inline_diffs) { [2..5] }
let(:raw) { "abc 'def'" } let(:raw) { "abc 'def'" }
subject { described_class.new(raw, rich).mark(inline_diffs) }
context "when the rich text is html safe" do
let(:rich) { %{<span class="abc">abc</span><span class="space"> </span><span class="def">&#39;def&#39;</span>}.html_safe } let(:rich) { %{<span class="abc">abc</span><span class="space"> </span><span class="def">&#39;def&#39;</span>}.html_safe }
let(:inline_diffs) { [2..5] }
let(:subject) { described_class.new(raw, rich).mark(inline_diffs) }
it 'marks the range' do it 'marks the range' do
expect(subject).to eq(%{<span class="abc">ab<span class="idiff left">c</span></span><span class="space"><span class="idiff"> </span></span><span class="def"><span class="idiff right">&#39;d</span>ef&#39;</span>}) expect(subject).to eq(%{<span class="abc">ab<span class="idiff left">c</span></span><span class="space"><span class="idiff"> </span></span><span class="def"><span class="idiff right">&#39;d</span>ef&#39;</span>})
...@@ -15,12 +17,10 @@ describe Gitlab::Diff::InlineDiffMarker do ...@@ -15,12 +17,10 @@ describe Gitlab::Diff::InlineDiffMarker do
end end
context "when the text text is not html safe" do context "when the text text is not html safe" do
let(:raw) { "abc 'def'" } let(:rich) { "abc 'def' differs" }
let(:inline_diffs) { [2..5] }
let(:subject) { described_class.new(raw).mark(inline_diffs) }
it 'marks the range' do it 'marks the range' do
expect(subject).to eq(%{ab<span class="idiff left right">c &#39;d</span>ef&#39;}) expect(subject).to eq(%{ab<span class="idiff left right">c &#39;d</span>ef&#39; differs})
expect(subject).to be_html_safe expect(subject).to be_html_safe
end end
end end
......
...@@ -2,34 +2,39 @@ require 'spec_helper' ...@@ -2,34 +2,39 @@ require 'spec_helper'
describe Gitlab::StringRangeMarker do describe Gitlab::StringRangeMarker do
describe '#mark' do describe '#mark' do
context "when the rich text is html safe" do def mark_diff(rich = nil)
let(:raw) { "abc <def>" } raw = 'abc <def>'
let(:rich) { %{<span class="abc">abc</span><span class="space"> </span><span class="def">&lt;def&gt;</span>}.html_safe } inline_diffs = [2..5]
let(:inline_diffs) { [2..5] }
subject do
described_class.new(raw, rich).mark(inline_diffs) do |text, left:, right:| described_class.new(raw, rich).mark(inline_diffs) do |text, left:, right:|
"LEFT#{text}RIGHT" "LEFT#{text}RIGHT"
end end
end end
context "when the rich text is html safe" do
let(:rich) { %{<span class="abc">abc</span><span class="space"> </span><span class="def">&lt;def&gt;</span>}.html_safe }
it 'marks the inline diffs' do it 'marks the inline diffs' do
expect(subject).to eq(%{<span class="abc">abLEFTcRIGHT</span><span class="space">LEFT RIGHT</span><span class="def">LEFT&lt;dRIGHTef&gt;</span>}) expect(mark_diff(rich)).to eq(%{<span class="abc">abLEFTcRIGHT</span><span class="space">LEFT RIGHT</span><span class="def">LEFT&lt;dRIGHTef&gt;</span>})
expect(subject).to be_html_safe expect(mark_diff(rich)).to be_html_safe
end end
end end
context "when the rich text is not html safe" do context "when the rich text is not html safe" do
let(:raw) { "abc <def>" } context 'when rich text equals raw text' do
let(:inline_diffs) { [2..5] } it 'marks the inline diffs' do
subject do expect(mark_diff).to eq(%{abLEFTc <dRIGHTef>})
described_class.new(raw).mark(inline_diffs) do |text, left:, right:| expect(mark_diff).not_to be_html_safe
"LEFT#{text}RIGHT"
end end
end end
context 'when rich text doeas not equal raw text' do
let(:rich) { "abc <def> differs" }
it 'marks the inline diffs' do it 'marks the inline diffs' do
expect(subject).to eq(%{abLEFTc &lt;dRIGHTef&gt;}) expect(mark_diff(rich)).to eq(%{abLEFTc &lt;dRIGHTef&gt; differs})
expect(subject).to be_html_safe expect(mark_diff(rich)).to be_html_safe
end
end end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment