From e97dd48b4c046bac86322d91a13fd55d0cf3a99f Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 20 Mar 2017 19:41:03 -0700 Subject: even more fine tuning of the markdown purifier - especially when used with the wiki --- Zotlabs/Lib/MarkdownSoap.php | 2 +- Zotlabs/Lib/NativeWikiPage.php | 2 +- Zotlabs/Module/Wiki.php | 1 + view/tpl/wiki.tpl | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/Zotlabs/Lib/MarkdownSoap.php b/Zotlabs/Lib/MarkdownSoap.php index 8cc18d513..cf1446f45 100644 --- a/Zotlabs/Lib/MarkdownSoap.php +++ b/Zotlabs/Lib/MarkdownSoap.php @@ -81,7 +81,7 @@ class MarkdownSoap { $s = str_replace("\t",'    ',$s); $s = str_replace(' ',' ',$s); $s = purify_html($s); - $s = str_replace(' '," ",$s); + $s = str_replace([' ', mb_convert_encoding(' ','UTF-8','HTML-ENTITIES')], [ ' ', ' ' ],$s); $s = str_replace(['
','
'],["\n","\n"],$s); return $s; } diff --git a/Zotlabs/Lib/NativeWikiPage.php b/Zotlabs/Lib/NativeWikiPage.php index 3d6da7779..960fe014e 100644 --- a/Zotlabs/Lib/NativeWikiPage.php +++ b/Zotlabs/Lib/NativeWikiPage.php @@ -156,7 +156,7 @@ class NativeWikiPage { $content = $item['body']; return [ - 'content' => json_encode($content), + 'content' => $content, 'mimeType' => $w['mimeType'], 'message' => '', 'success' => true diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 4234ba3fd..9adef1795 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -256,6 +256,7 @@ class Wiki extends \Zotlabs\Web\Controller { goaway('/' . argv(0) . '/' . argv(1) . '/' . $wikiUrlName . '/' . $pageUrlName); } + $wikiModalID = random_string(3); $wikiModal = replace_macros(get_markup_template('generic_modal.tpl'), array( diff --git a/view/tpl/wiki.tpl b/view/tpl/wiki.tpl index 87c649581..452fd429d 100644 --- a/view/tpl/wiki.tpl +++ b/view/tpl/wiki.tpl @@ -104,7 +104,7 @@ window.wiki_resource_id = '{{$resource_id}}'; window.wiki_page_name = '{{$page}}'; // window.wiki_page_content = "{{$content|escape:'javascript'}}"; - window.wiki_page_content = {{$content}}; + window.wiki_page_content = '{{$content|escape:'quotes'}}'; window.wiki_page_commit = '{{$commit}}'; $("#generic-modal-ok-{{$wikiModalID}}").removeClass('btn-primary'); -- cgit v1.2.3