Skip to content

Commit

Permalink
fix 305: external images URLs are not properly escaped
Browse files Browse the repository at this point in the history
  • Loading branch information
@recrtl @mrueg
recrtl authored and mrueg committed May 5, 2023
1 parent 622be6e commit eba2396
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 3 deletions.
5 changes: 4 additions & 1 deletion pkg/mark/markdown.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -482,6 +482,9 @@ func (r *ConfluenceRenderer) renderImage(writer util.BufWriter, source []byte, n

// We were unable to resolve it locally, treat as URL
if err != nil {
escapedURL := string(n.Destination)
escapedURL = strings.ReplaceAll(escapedURL, "&", "&")

err = r.Stdlib.Templates.ExecuteTemplate(
writer,
"ac:image",
Expand All @@ -498,7 +501,7 @@ func (r *ConfluenceRenderer) renderImage(writer util.BufWriter, source []byte, n
string(n.Title),
string(nodeToHTMLText(n, source)),
"",
string(n.Destination),
escapedURL,
},
)
} else {
Expand Down
2 changes: 1 addition & 1 deletion pkg/mark/testdata/links.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
<p>Use <ac:link><ri:page ri:content-title="Another Page"/><ac:plain-text-link-body><![CDATA[Another Page]]></ac:plain-text-link-body></ac:link></p>
<p>Use <ac:link><ri:page ri:content-title="Page With Space"/><ac:plain-text-link-body><![CDATA[page link with spaces]]></ac:plain-text-link-body></ac:link></p>
<p><ac:image ac:alt="My Image"><ri:attachment ri:filename="test.png"/></ac:image></p>
<p><ac:image ac:alt="My External Image"><ri:url ri:value="http://confluence.atlassian.com/images/logo/confluence_48_trans.png"/></ac:image></p>
<p><ac:image ac:alt="My External Image"><ri:url ri:value="http://confluence.atlassian.com/images/logo/confluence_48_trans.png?key1=value1&amp;key2=value2"/></ac:image></p>
<p>Use footnotes link <sup id="fnref:1"><a href="#fn:1" class="footnote-ref" role="doc-noteref">1</a></sup></p>
<div class="footnotes" role="doc-endnotes">
<hr />
Expand Down
2 changes: 1 addition & 1 deletion pkg/mark/testdata/links.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ Use [page link with spaces](<ac:Page With Space>)

![My Image](test.png)

![My External Image](http://confluence.atlassian.com/images/logo/confluence_48_trans.png)
![My External Image](http://confluence.atlassian.com/images/logo/confluence_48_trans.png?key1=value1&key2=value2)

Use footnotes link [^1]
[^1]: a footnote link
Expand Down

0 comments on commit eba2396

Please sign in to comment.