This repository was archived by the owner on Feb 7, 2023. It is now read-only.

Commit 9dc11a0

committed
properly escaping the HTML for the code view
1 parent 8467664 commit 9dc11a0


3 files changed

+12
-8
lines changed


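--- a/builder/lib/builder.lib.php
+++ b/builder/lib/builder.lib.php
@@ -198,7 +198,7 @@ private function generatePatternFile($f) {
 $pp = $this->getPatternPartial($f);
 $fr = str_replace("{{ patternPartial }}",$pp,$fr);
 $fr = str_replace("{{ lineage }}",json_encode($this->patternLineages[$pp]),$fr);
-$fr = str_replace("{{ patternHTML }}",$rf,$fr);
+$fr = str_replace("{{ patternHTML }}",htmlentities($rf),$fr);
 
 // set-up the mark-up for CSS Rule Saver so it can figure out which rules to save
 if ($this->enableCSS) {
@@ -620,7 +620,8 @@ protected function gatherPartials() {
 $patternParts = explode("/",$path);
 $patternName = $this->getPatternName($patternParts[2]);
 $patternLink = str_replace("/","-",$path)."/".str_replace("/","-",$path).".html";
-$patternCode = $this->renderPattern($path.".mustache");
+$patternCodeHTML = $this->renderPattern($path.".mustache");
+$patternCode = htmlentities($patternCodeHTML);
 $patternPartial = $this->getPatternPartial($path);
 $patternLineageExists = (count($this->patternLineages[$patternPartial]) > 0) ? true : false;
 $patternLineages = $this->patternLineages[$patternPartial];
@@ -630,7 +631,8 @@ protected function gatherPartials() {
 $p["partials"][] = array("patternName" => ucwords($patternName),
 "patternLink" => $patternLink,
 "patternPartialPath" => $patternType."-".$pattern,
-"patternPartial" => $patternCode,
+"patternCode" => $patternCode,
+"patternPartial" => $patternCodeHTML,
 "patternCSS" => $patternCSS,
 "patternLineageExists" => $patternLineageExists,
 "patternLineages" => $patternLineages,
@@ -678,7 +680,8 @@ protected function gatherPartialsByMatch($patternType, $patternSubType) {
 // create the pattern name & link, render the partial, and stick it all into the pattern array
 $patternName = $this->getPatternName($patternParts[2]);
 $patternLink = str_replace("/","-",$path)."/".str_replace("/","-",$path).".html";
-$patternCode = $this->renderPattern($path.".mustache");
+$patternCodeHTML = $this->renderPattern($path.".mustache");
+$patternCode = htmlentities($patternCodeHTML);
 $patternPartial = $this->getPatternPartial($path);
 $patternLineages = $this->patternLineages[$patternPartial];
 $patternLineageExists = (count($patternLineages) > 0) ? true : false;
@@ -687,8 +690,9 @@ protected function gatherPartialsByMatch($patternType, $patternSubType) {
 
 $p["partials"][] = array("patternName" => ucwords($patternName),
 "patternLink" => $patternLink,
-"patternPartialPath" => str_replace(" ","-",$patternTypeClean)."-".str_replace(" ","-",$patternName),
-"patternPartial" => $patternCode,
+"patternPartialPath" => str_replace(" ","-",$patternTypeClean)."-".str_replace(" ","-",$patternName),
+"patternCode" => $patternCode,
+"patternPartial" => $patternCodeHTML,
 "patternCSS" => $patternCSS,
 "patternLineageExists" => $patternLineageExists,
 "patternLineages" => $patternLineages,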
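Review bot: All three added `htmlentities()` calls (new lines 201, 624 and 684) rely on PHP's default flags and charset, which vary by PHP version: older releases assume ISO-8859-1 and leave single quotes unescaped, so UTF-8 pattern markup can come out garbled and the result is only safe inside element content. I would pin both explicitly, e.g. `$patternCode = htmlspecialchars($patternCodeHTML, ENT_QUOTES, 'UTF-8');` and likewise `htmlspecialchars($rf, ENT_QUOTES, 'UTF-8')` in generatePatternFile. Where `{{ patternHTML }}` lands in the pattern file is not visible in this hunk, so an attribute context cannot be ruled out there. Because `patternPartial` now carries raw rendered markup next to the escaped `patternCode`, a short comment above the two array entries, such as `// patternCode is entity-encoded for display; patternPartial is raw HTML`, would keep later template edits from mixing them up. All three functions start and end outside the hunks shown.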

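--- a/source/_patternlab-files/styleguide.mustache
+++ b/source/_patternlab-files/styleguide.mustache
@@ -31,7 +31,7 @@
 <h3 class="sg-code-head">HTML</h3>
 <pre class="sg-code-html">
 <code>
-{{ patternPartial }}
+{{{ patternCode }}}
 </code>
 </pre>
 {{# patternCSSExists }}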
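Review bot: Changing line 34 from `{{ patternPartial }}` to `{{{ patternCode }}}` turns off Mustache's own escaping for this slot, so the code view is safe only while every producer of `patternCode` entity-encodes the value first. This commit does that in gatherPartials and gatherPartialsByMatch, but nothing in the template records the contract. I would add a Mustache comment directly above the tag, e.g. `{{! patternCode is entity-encoded in builder.lib.php; never assign raw markup to it }}`. The same applies to line 34 of source/_patternlab-files/viewall.mustache.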

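--- a/source/_patternlab-files/viewall.mustache
+++ b/source/_patternlab-files/viewall.mustache
@@ -31,7 +31,7 @@
 <h3 class="sg-code-head">HTML</h3>
 <pre class="sg-code-html">
 <code>
-{{ patternPartial }}
+{{{ patternCode }}}
 </code>
 </pre>
 {{# patternCSSExists }}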
