mirror of https://github.com/jellyfin/jellyfin-web synced 2025-03-30 19:56:21 +00:00

Escape HTML

Dmitry Lyzo 2022-01-30 00:27:26 +03:00
parent 08cbc5aa8f
commit 59adbc348a
60 changed files with 245 additions and 192 deletions


@ -5,6 +5,7 @@
* @module components/cardBuilder/cardBuilder
*/
import escapeHtml from 'escape-html';
import datetime from '../../scripts/datetime';
import imageLoader from '../images/imageLoader';
import itemHelper from '../itemHelper';
@ -813,11 +814,11 @@ import ServerConnections from '../ServerConnections';
IsFolder: true
}));
} else {
lines.push(item.SeriesName);
lines.push(escapeHtml(item.SeriesName));
}
} else {
if (isUsingLiveTvNaming(item)) {
lines.push(item.Name);
lines.push(escapeHtml(item.Name));
if (!item.EpisodeTitle) {
titleAdded = true;
@ -826,7 +827,7 @@ import ServerConnections from '../ServerConnections';
const parentTitle = item.SeriesName || item.Series || item.Album || item.AlbumArtist || '';
if (parentTitle || showTitle) {
lines.push(parentTitle);
lines.push(escapeHtml(parentTitle));
}
}
}
@ -860,7 +861,7 @@ import ServerConnections from '../ServerConnections';
item.AlbumArtists[0].IsFolder = true;
lines.push(getTextActionButton(item.AlbumArtists[0], null, serverId));
} else {
lines.push(isUsingLiveTvNaming(item) ? item.Name : (item.SeriesName || item.Series || item.Album || item.AlbumArtist || ''));
lines.push(escapeHtml(isUsingLiveTvNaming(item) ? item.Name : (item.SeriesName || item.Series || item.Album || item.AlbumArtist || '')));
}
}
@ -948,13 +949,13 @@ import ServerConnections from '../ServerConnections';
}, item.ChannelName));
} else {
lines.push(item.ChannelName || ' ');
lines.push(escapeHtml(item.ChannelName) || ' ');
}
}
if (options.showCurrentProgram && item.Type === 'TvChannel') {
if (item.CurrentProgram) {
lines.push(item.CurrentProgram.Name);
lines.push(escapeHtml(item.CurrentProgram.Name));
} else {
lines.push('');
}
@ -980,13 +981,13 @@ import ServerConnections from '../ServerConnections';
if (item.RecordAnyChannel) {
lines.push(globalize.translate('AllChannels'));
} else {
lines.push(item.ChannelName || globalize.translate('OneChannel'));
lines.push(escapeHtml(item.ChannelName) || globalize.translate('OneChannel'));
}
}
if (options.showPersonRoleOrType) {
if (item.Role) {
lines.push(globalize.translate('PersonRole', item.Role));
lines.push(globalize.translate('PersonRole', escapeHtml(item.Role)));
}
}
}
@ -996,7 +997,7 @@ import ServerConnections from '../ServerConnections';
}
if (overlayText && showTitle) {
lines = [item.Name];
lines = [escapeHtml(item.Name)];
}
const addRightTextMargin = isOuterFooter && options.cardLayout && !options.centerText && options.cardFooterAside !== 'none' && layoutManager.mobile;
@ -1031,6 +1032,8 @@ import ServerConnections from '../ServerConnections';
text = itemHelper.getDisplayName(item);
}
text = escapeHtml(text);
if (layoutManager.tv) {
return text;
}
@ -1442,7 +1445,7 @@ import ServerConnections from '../ServerConnections';
const mediaTypeData = item.MediaType ? (' data-mediatype="' + item.MediaType + '"') : '';
const collectionTypeData = item.CollectionType ? (' data-collectiontype="' + item.CollectionType + '"') : '';
const channelIdData = item.ChannelId ? (' data-channelid="' + item.ChannelId + '"') : '';
const pathData = item.Path ? (' data-path="' + item.Path + '"') : '';
const pathData = item.Path ? (' data-path="' + escapeHtml(item.Path) + '"') : '';
const contextData = options.context ? (' data-context="' + options.context + '"') : '';
const parentIdData = options.parentId ? (' data-parentid="' + options.parentId + '"') : '';
const startDate = item.StartDate ? (' data-startdate="' + item.StartDate.toString() + '"') : '';
@ -1454,7 +1457,7 @@ import ServerConnections from '../ServerConnections';
additionalCardContent += getHoverMenuHtml(item, action);
}
return '<' + tagName + ' data-index="' + index + '"' + timerAttributes + actionAttribute + ' data-isfolder="' + (item.IsFolder || false) + '" data-serverid="' + (item.ServerId || options.serverId) + '" data-id="' + (item.Id || item.ItemId) + '" data-type="' + item.Type + '"' + mediaTypeData + collectionTypeData + channelIdData + pathData + positionTicksData + collectionIdData + playlistIdData + contextData + parentIdData + startDate + endDate + ' data-prefix="' + prefix + '" class="' + className + '"' + ariaLabelAttribute + '>' + cardImageContainerOpen + innerCardFooter + cardImageContainerClose + overlayButtons + additionalCardContent + cardScalableClose + outerCardFooter + cardBoxClose + '</' + tagName + '>';
return '<' + tagName + ' data-index="' + index + '"' + timerAttributes + actionAttribute + ' data-isfolder="' + (item.IsFolder || false) + '" data-serverid="' + (item.ServerId || options.serverId) + '" data-id="' + (item.Id || item.ItemId) + '" data-type="' + item.Type + '"' + mediaTypeData + collectionTypeData + channelIdData + pathData + positionTicksData + collectionIdData + playlistIdData + contextData + parentIdData + startDate + endDate + ' data-prefix="' + escapeHtml(prefix) + '" class="' + className + '"' + ariaLabelAttribute + '>' + cardImageContainerOpen + innerCardFooter + cardImageContainerClose + overlayButtons + additionalCardContent + cardScalableClose + outerCardFooter + cardBoxClose + '</' + tagName + '>';
}
/**
@ -1544,7 +1547,7 @@ import ServerConnections from '../ServerConnections';
}
const defaultName = isUsingLiveTvNaming(item) ? item.Name : itemHelper.getDisplayName(item);
return '<div class="cardText cardDefaultText">' + defaultName + '</div>';
return '<div class="cardText cardDefaultText">' + escapeHtml(defaultName) + '</div>';
}
/**
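Review bot: The `escapeHtml(item.ChannelName) || …` calls in the @ -948 and @ -980 hunks can no longer reach their fallbacks, because escape-html coerces its argument to a string, so a missing ChannelName becomes the truthy text "undefined" instead of falling through to the placeholder or `globalize.translate('OneChannel')`. Apply the default before escaping, e.g. `escapeHtml(item.ChannelName || '') || globalize.translate('OneChannel')`; the bare `escapeHtml(item.SeriesName)` and `escapeHtml(item.CurrentProgram.Name)` calls have the same coercion if those fields can be absent. Separately, the @ -1442 and @ -1454 hunks escape only `data-path` and `data-prefix`, while `data-mediatype`, `data-collectiontype`, `data-channelid`, `data-context`, `data-parentid`, `data-startdate` and `data-type` are still concatenated raw into the same tag. If any of those can carry free text from the server or the caller they need the same attribute encoding, and a short comment stating why the others are considered safe would help the next reader. The enclosing functions start and end outside the visible hunks, so later filtering of `lines` could not be checked here.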