Skip to content

Commit c1e58cd

Browse files
committed
Applying strip_html filter to escaped html should not unescape it
1 parent 244f7b8 commit c1e58cd

File tree

5 files changed

+49
-12
lines changed

5 files changed

+49
-12
lines changed

pom.xml

Lines changed: 0 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -62,7 +62,6 @@
6262
<antlr4.version>4.13.0</antlr4.version>
6363
<jackson.databind.version>2.13.4.2</jackson.databind.version>
6464
<jackson.version>2.13.2</jackson.version>
65-
<jsoup.version>1.15.3</jsoup.version>
6665
<junit.version>4.13.1</junit.version>
6766

6867
<main.class />
@@ -101,13 +100,6 @@
101100
<version>${jackson.version}</version>
102101
</dependency>
103102

104-
105-
<dependency>
106-
<groupId>org.jsoup</groupId>
107-
<artifactId>jsoup</artifactId>
108-
<version>${jsoup.version}</version>
109-
</dependency>
110-
111103
<dependency>
112104
<groupId>ua.co.k</groupId>
113105
<artifactId>strftime4j</artifactId>

src/main/java/liqp/LValue.java

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -493,4 +493,19 @@ public boolean isMap(Object value) {
493493
public Map<String, Object> asMap(Object value) {
494494
return (Map<String, Object>)value;
495495
}
496+
497+
public static boolean isBlank(final String string) {
498+
if (string == null || string.length() == 0)
499+
return true;
500+
501+
int l = string.length();
502+
for (int i = 0; i < l; i++) {
503+
if (!isWhitespace(string.codePointAt(i)))
504+
return false;
505+
}
506+
return true;
507+
}
508+
private static boolean isWhitespace(int c){
509+
return c == ' ' || c == '\t' || c == '\n' || c == '\f' || c == '\r';
510+
}
496511
}
Lines changed: 15 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,21 @@
11
package liqp.filters;
22

33
import liqp.TemplateContext;
4-
import org.jsoup.Jsoup;
4+
5+
import java.util.regex.Pattern;
56

67
public class Strip_HTML extends Filter {
78

9+
// STRIP_HTML_BLOCKS = Regexp.union(
10+
// /<script.*?<\/script>/m,
11+
// /<!--.*?-->/m,
12+
// /<style.*?<\/style>/m
13+
// )
14+
private static final Pattern STRIP_HTML_BLOCKS = Pattern.compile("<script.*?</script>|<style.*?</style>|<!--.*?-->", Pattern.MULTILINE);
15+
16+
// STRIP_HTML_TAGS = /<.*?>/m
17+
private static final Pattern STRIP_HTML_TAGS = Pattern.compile("<.*?>", Pattern.MULTILINE);
18+
819
/*
920
* strip_html(input)
1021
*
@@ -14,7 +25,9 @@ public class Strip_HTML extends Filter {
1425
public Object apply(Object value, TemplateContext context, Object... params) {
1526

1627
String html = super.asString(value, context);
28+
html = STRIP_HTML_BLOCKS.matcher(html).replaceAll("");
29+
html = STRIP_HTML_TAGS.matcher(html).replaceAll("");
1730

18-
return Jsoup.parse(html).text();
31+
return html;
1932
}
2033
}

src/main/java/liqp/nodes/OutputNode.java

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,12 +4,13 @@
44
import liqp.TemplateContext;
55
import liqp.TemplateParser;
66
import liqp.exceptions.LiquidException;
7-
import org.jsoup.internal.StringUtil;
87

98
import java.math.BigDecimal;
109
import java.util.ArrayList;
1110
import java.util.List;
1211

12+
import static liqp.LValue.isBlank;
13+
1314
public class OutputNode implements LNode {
1415

1516
private LNode expression;
@@ -40,7 +41,7 @@ public Object render(TemplateContext context) {
4041
}
4142
if (context != null && context.getParser().errorMode == TemplateParser.ErrorMode.WARN) {
4243
String localUnparsed = unparsed;
43-
if (!StringUtil.isBlank(localUnparsed)) {
44+
if (!isBlank(localUnparsed)) {
4445
if (localUnparsed.length() > 30) {
4546
localUnparsed = localUnparsed.substring(0, 30) + "...";
4647
}

src/test/java/liqp/filters/Strip_HTMLTest.java

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -52,4 +52,20 @@ public void applyOriginalTest() {
5252
assertThat(filter.apply("<script type='text/javascript'>document.write('some stuff');</script>", context), is((Object)""));
5353
assertThat(filter.apply(null, context), is((Object)""));
5454
}
55+
56+
57+
@Test
58+
public void testIssue306() {
59+
// given
60+
// {{ "<em>test</em>" | escape }} --> &lt;em&gt;test&lt;/em&gt;
61+
TemplateContext context = new TemplateContext();
62+
Filter filter = Filters.COMMON_FILTERS.get("strip_html");
63+
64+
// when
65+
Object result = filter.apply("&lt;em&gt;test&lt;/em&gt;", context);
66+
67+
68+
// then
69+
assertThat(result, is("&lt;em&gt;test&lt;/em&gt;"));
70+
}
5571
}

0 commit comments

Comments
 (0)