rustdoc: Remove regex sanitation

rust-lang · Jan 24, 2024 · e4c0401 · e4c0401
1 parent d8287d0
commit e4c0401
Showing 1 changed file with 5 additions and 12 deletions.
diff --git a/src/librustdoc/html/static/js/storage.js b/src/librustdoc/html/static/js/storage.js
@@ -24,15 +24,7 @@ function getSettingValue(settingName) {
             return def;
         }
     }
-    // Strip out characters we don't expect to find in settings values.
-    // This prevents an injection vulnerability where someone could plant
-    // JS code into the localStorage value, which could be executed when
-    // we pull it out.
-    if (current) {
-        return current.replace(/[\s()[\]{}*"'`<>.:;=&|]/g,"");
-    }
-
-    return null;
+    return current;
 }
 
 const localStoredTheme = getSettingValue("theme");
@@ -109,10 +101,11 @@ const getVar = (function getVar(name) {
 });
 
 function switchTheme(newThemeName, saveTheme) {
-    const theme_names = getVar("themes").split(",").filter(t => t);
-    theme_names.push("light", "dark", "ayu");
+    const themeNames = getVar("themes").split(",").filter(t => t);
+    themeNames.push(...builtinThemes);
 
-    if (theme_names.indexOf(newThemeName) == -1) {
+    // Ensure that the new theme name is among the defined themes
+    if (themeNames.indexOf(newThemeName) === -1) {
         return;
     }