Merge pull request #10428 from nanaya/map-strict

Fix escaping in invalid imagemap

app/Libraries/BBCodeFromDB.php

@@ -134,7 +134,8 @@ public function parseImagemap($text)
         return preg_replace_callback(
             '#(\[imagemap\].+?\[/imagemap\]\n?)#',
             function ($m) {
-                return preg_replace_callback(
+                $unescaped = html_entity_decode_better(BBCodeForDB::extraUnescape($m[1]));
+                $parsed = preg_replace_callback(
                     '#\[imagemap\]\n(?<imageUrl>https?://.+)\n(?<links>(?:(?:[0-9.]+ ){4}(?:\#|https?://[^\s]+|mailto:[^\s]+)(?: .*)?\n)+)\[/imagemap\]\n?#',
                     function ($map) {
                         $links = array_map(
@@ -173,8 +174,10 @@ function ($map) {
 
                         return tag('div', ['class' => 'imagemap'], $imageHtml.$linksHtml);
                     },
-                    html_entity_decode_better(BBCodeForDB::extraUnescape($m[1])),
+                    $unescaped,
                 );
+
+                return $parsed === $unescaped ? $m[1] : $parsed;
             },
             $text,
         );

tests/Libraries/bbcode_examples/imagemap.html

@@ -11,6 +11,4 @@
     <a class="imagemap__link" href="https://osu.ppy.sh/users/2" style="left:40%;top:50%;width:60%;height:70%;" title=""></a>
 </div>
 <br />
-[imagemap]<br />
-https://assets.ppy.sh/osu-web-test-resources/placeholder-1280x720.jpg<br />
-[/imagemap]
+[imagemap]https://assets.ppy.sh/osu-web-test-resources/placeholder-1280x720.jpg[/imagemap]

tests/Libraries/bbcode_examples/imagemap_invalid_content_escape.base.txt

@@ -0,0 +1,3 @@
+[imagemap]
+<strong>
+[/imagemap]

tests/Libraries/bbcode_examples/imagemap_invalid_content_escape.db.txt

@@ -0,0 +1 @@
+[imagemap]
<strong>
[/imagemap]

tests/Libraries/bbcode_examples/imagemap_invalid_content_escape.html

@@ -0,0 +1 @@
+[imagemap]<strong>[/imagemap]