v 0.7.9-patch(4586)
This commit is contained in:
canewsin
parent
2ad80afa10
commit
ac70f83879
2 changed files with 25 additions and 6 deletions
|
|
@ -13,8 +13,8 @@ import time
|
||||||
class Config(object):
|
class Config(object):
|
||||||
|
|
||||||
def __init__(self, argv):
|
def __init__(self, argv):
|
||||||
self.version = "0.7.9"
|
self.version = "0.7.9-patch"
|
||||||
self.rev = 4585
|
self.rev = 4586
|
||||||
self.argv = argv
|
self.argv = argv
|
||||||
self.action = None
|
self.action = None
|
||||||
self.test_parser = None
|
self.test_parser = None
|
||||||
|
|
|
||||||
|
|
@ -544,17 +544,36 @@ class UiRequest(object):
|
||||||
if show_loadingscreen:
|
if show_loadingscreen:
|
||||||
meta_tags += '<meta name="viewport" id="viewport" content="width=device-width, initial-scale=0.8">';
|
meta_tags += '<meta name="viewport" id="viewport" content="width=device-width, initial-scale=0.8">';
|
||||||
|
|
||||||
|
def xescape(s):
|
||||||
|
'''combines parts from re.escape & html.escape'''
|
||||||
|
# https://github.com/python/cpython/blob/3.10/Lib/re.py#L267
|
||||||
|
# '&' is handled otherwise
|
||||||
|
re_chars = {i: '\\' + chr(i) for i in b'()[]{}*+-|^$\\.~# \t\n\r\v\f'}
|
||||||
|
# https://github.com/python/cpython/blob/3.10/Lib/html/__init__.py#L12
|
||||||
|
html_chars = {
|
||||||
|
'<' : '<',
|
||||||
|
'>' : '>',
|
||||||
|
'"' : '"',
|
||||||
|
"'" : ''',
|
||||||
|
}
|
||||||
|
# we can't replace '&' because it makes certain zites work incorrectly
|
||||||
|
# it should however in no way interfere with re.sub in render
|
||||||
|
repl = {}
|
||||||
|
repl.update(re_chars)
|
||||||
|
repl.update(html_chars)
|
||||||
|
return s.translate(repl)
|
||||||
|
|
||||||
return self.render(
|
return self.render(
|
||||||
"src/Ui/template/wrapper.html",
|
"src/Ui/template/wrapper.html",
|
||||||
server_url=server_url,
|
server_url=server_url,
|
||||||
inner_path=inner_path,
|
inner_path=inner_path,
|
||||||
file_url=re.escape(file_url),
|
file_url=xescape(file_url),
|
||||||
file_inner_path=re.escape(file_inner_path),
|
file_inner_path=xescape(file_inner_path),
|
||||||
address=site.address,
|
address=site.address,
|
||||||
title=html.escape(title),
|
title=xescape(title),
|
||||||
body_style=body_style,
|
body_style=body_style,
|
||||||
meta_tags=meta_tags,
|
meta_tags=meta_tags,
|
||||||
query_string=re.escape(inner_query_string),
|
query_string=xescape(inner_query_string),
|
||||||
wrapper_key=site.settings["wrapper_key"],
|
wrapper_key=site.settings["wrapper_key"],
|
||||||
ajax_key=site.settings["ajax_key"],
|
ajax_key=site.settings["ajax_key"],
|
||||||
wrapper_nonce=wrapper_nonce,
|
wrapper_nonce=wrapper_nonce,
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue