Make the translation sanitization optional
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This commit is contained in:
parent
03a1932b15
commit
539e46a07e
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -12,6 +12,7 @@ import _ from 'underscore'
|
|||
import $ from 'jquery'
|
||||
import DOMPurify from 'dompurify'
|
||||
import Handlebars from 'handlebars'
|
||||
import identity from 'lodash/fp/identity'
|
||||
import escapeHTML from 'escape-html'
|
||||
|
||||
import OC from './index'
|
||||
|
@ -84,15 +85,20 @@ const L10n = {
|
|||
* @param {number} [count] number to replace %n with
|
||||
* @param {array} [options] options array
|
||||
* @param {bool} [options.escape=true] enable/disable auto escape of placeholders (by default enabled)
|
||||
* @param {bool} [options.sanitize=true] enable/disable sanitization (by default enabled)
|
||||
* @returns {string}
|
||||
*/
|
||||
translate: function(app, text, vars, count, options) {
|
||||
const defaultOptions = {
|
||||
escape: true,
|
||||
sanitize: true,
|
||||
}
|
||||
const allOptions = options || {}
|
||||
_.defaults(allOptions, defaultOptions)
|
||||
|
||||
const optSanitize = allOptions.sanitize ? DOMPurify.sanitize : identity
|
||||
const optEscape = allOptions.escape ? escapeHTML : identity
|
||||
|
||||
// TODO: cache this function to avoid inline recreation
|
||||
// of the same function over and over again in case
|
||||
// translate() is used in a loop
|
||||
|
@ -101,13 +107,9 @@ const L10n = {
|
|||
function(a, b) {
|
||||
const r = vars[b]
|
||||
if (typeof r === 'string' || typeof r === 'number') {
|
||||
if (allOptions.escape) {
|
||||
return DOMPurify.sanitize(escapeHTML(r))
|
||||
return optSanitize(optEscape(r))
|
||||
} else {
|
||||
return DOMPurify.sanitize(r)
|
||||
}
|
||||
} else {
|
||||
return DOMPurify.sanitize(a)
|
||||
return optSanitize(a)
|
||||
}
|
||||
}
|
||||
)
|
||||
|
@ -120,9 +122,9 @@ const L10n = {
|
|||
}
|
||||
|
||||
if (typeof vars === 'object' || count !== undefined) {
|
||||
return DOMPurify.sanitize(_build(translation, vars, count))
|
||||
return optSanitize(_build(translation, vars, count))
|
||||
} else {
|
||||
return DOMPurify.sanitize(translation)
|
||||
return optSanitize(translation)
|
||||
}
|
||||
},
|
||||
|
||||
|
|
Loading…
Reference in New Issue