mirror of
https://github.com/squidfunk/mkdocs-material.git
synced 2024-11-23 23:21:00 +01:00
Fixed JavaScript code block evaluation in search results
This commit is contained in:
parent
8217dcd8cd
commit
61dcde1dda
@ -1,3 +1,7 @@
|
||||
mkdocs-material-3.x.x (2018-xx-xx)
|
||||
|
||||
* Fixed #906: JavaScript code blocks evaluated in search results
|
||||
|
||||
mkdocs-material-3.0.5 (2018-10-23)
|
||||
|
||||
* Added Croatian and Indonesian translations
|
||||
|
File diff suppressed because one or more lines are too long
@ -177,7 +177,7 @@
|
||||
{% endblock %}
|
||||
</div>
|
||||
{% block scripts %}
|
||||
<script src="{{ 'assets/javascripts/application.a26c1c19.js' | url }}"></script>
|
||||
<script src="{{ 'assets/javascripts/application.627ea402.js' | url }}"></script>
|
||||
{% if lang.t("search.language") != "en" %}
|
||||
{% set languages = lang.t("search.language").split(",") %}
|
||||
{% if languages | length and languages[0] != "" %}
|
||||
|
@ -27,6 +27,25 @@ import lunr from "expose-loader?lunr!lunr"
|
||||
* Functions
|
||||
* ------------------------------------------------------------------------- */
|
||||
|
||||
/**
|
||||
* Escape HTML strings
|
||||
*
|
||||
* Documentation may contain code JavaScript code snippets which would get
|
||||
* executed when inserted into the DOM as plain HTML.
|
||||
*
|
||||
* See https://github.com/squidfunk/mkdocs-material/issues/906
|
||||
*
|
||||
* @param {string} html - HTML string
|
||||
*
|
||||
* @return {string} Escaped HTML string
|
||||
*/
|
||||
const escapeHTML = html => {
|
||||
var text = document.createTextNode(html);
|
||||
var p = document.createElement('p');
|
||||
p.appendChild(text);
|
||||
return p.innerHTML;
|
||||
}
|
||||
|
||||
/**
|
||||
* Truncate a string after the given number of character
|
||||
*
|
||||
@ -138,6 +157,10 @@ export default class Result {
|
||||
this.docs_ = data.reduce((docs, doc) => {
|
||||
const [path, hash] = doc.location.split("#")
|
||||
|
||||
/* Escape HTML */
|
||||
doc.title = escapeHTML(doc.title)
|
||||
doc.text = escapeHTML(doc.text)
|
||||
|
||||
/* Associate section with parent document */
|
||||
if (hash) {
|
||||
doc.parent = docs.get(path)
|
||||
|
Loading…
Reference in New Issue
Block a user