对笔记的Tag中由JS创建的DOM节点在进行内容设置时对HTML进行转义

2015-01-20 01:15:55 +08:00
parent 014a141808
commit ffaaa8c11a
6 changed files with 268 additions and 268 deletions
--- a/public/js/app/note-min.js
+++ b/public/js/app/note-min.js
--- a/public/js/app/note.js
+++ b/public/js/app/note.js
@ -1595,7 +1595,7 @@ var Attach = {
 		for(var i = 0; i < attachNum; ++i) {
 			var each = attachs[i];
 			html += '<li class="clearfix" data-id="' + each.AttachId + '">' +
-						'<div class="attach-title">' + each.Title + '</div>' + 
+						'<div class="attach-title">' + Note._toHtmlEntity(each.Title) + '</div>' +
 						'<div class="attach-process"> ' +
 						'	  <button class="btn btn-sm btn-warning delete-attach" data-loading-text="..."><i class="fa fa-trash-o"></i></button> ' +
 						'	  <button type="button" class="btn btn-sm btn-primary download-attach"><i class="fa fa-download"></i></button> ' +
--- a/public/js/app/notebook-min.js
+++ b/public/js/app/notebook-min.js
--- a/public/js/app/notebook.js
+++ b/public/js/app/notebook.js
@ -54,7 +54,7 @@ Notebook.getNotebook = function(notebookId) {
 Notebook.getNotebookTitle = function(notebookId) {
 	var notebook = Notebook.cache[notebookId];
 	if(notebook) {
-		return notebook.Title;
+		return Note._toHtmlEntity(notebook.Title);
 	} else {
 		return "未知";
 	}
@ -399,7 +399,7 @@ Notebook.getChangedNotebooks = function(notebooks) {
 		if(!isEmpty(notebook.Subs)) {
 			classes = "dropdown-submenu";
 		}
-		var eachForNew = tt('<li role="presentation" class="clearfix ?"><div class="new-note-left pull-left" title="为该笔记本新建笔记" href="#" notebookId="?">?</div><div title="为该笔记本新建markdown笔记" class="new-note-right pull-left" notebookId="?">M</div>', classes, notebook.NotebookId, notebook.Title, notebook.NotebookId);
+		var eachForNew = tt('<li role="presentation" class="clearfix ?"><div class="new-note-left pull-left" title="为该笔记本新建笔记" href="#" notebookId="?">?</div><div title="为该笔记本新建markdown笔记" class="new-note-right pull-left" notebookId="?">M</div>', classes, notebook.NotebookId, Note._toHtmlEntity(notebook.Title), notebook.NotebookId);

 		if(!isEmpty(notebook.Subs)) {
 			eachForNew  += "<ul class='dropdown-menu'>";
@ -482,7 +482,7 @@ Notebook.renderShareNotebooks = function(sharedUserInfos, shareNotebooks) {
 		var body = '<ul class="folderBody">';
 		for(var j in userNotebooks.ShareNotebooks) {
 			var notebook = userNotebooks.ShareNotebooks[j];
-			body += tt('<li><a notebookId="?">?</a></li>', notebook.NotebookId, notebook.Title)
+			body += tt('<li><a notebookId="?">?</a></li>', notebook.NotebookId, Note._toHtmlEntity(notebook.Title))
 		}
 		body += "</ul>";

@ -511,7 +511,7 @@ Notebook.changeNotebookNavForNewNote = function(notebookId, title) {
 	}

 	if(!Notebook.isAllNotebookId(notebookId) && !Notebook.isTrashNotebookId(notebookId)) {
-		$("#curNotebookForNewNote").html(title).attr("notebookId", notebookId);
+		$("#curNotebookForNewNote").text(title).attr("notebookId", notebookId);
 	} else if(!$("#curNotebookForNewNote").attr("notebookId")) {
 		// 但又没有一个笔记, 默认选第一个吧
 		// 这里很可能会死循环, 万一用户没有其它笔记呢?
@ -555,7 +555,7 @@ Notebook.changeNotebookNav = function(notebookId) {
 	}

 	// 2
-	$("#curNotebookForListNote").html(notebook.Title);
+	$("#curNotebookForListNote").text(notebook.Title);

 	// 3
 	Notebook.changeNotebookNavForNewNote(notebookId, notebook.Title);
--- a/public/js/app/tag-min.js
+++ b/public/js/app/tag-min.js
@ -1 +1 @@
-Tag.classes={"蓝色":"label label-blue","红色":"label label-red","绿色":"label label-green","黄色":"label label-yellow",blue:"label label-blue",red:"label label-red",green:"label label-green",yellow:"label label-yellow"};Tag.mapCn2En={"蓝色":"blue","红色":"red","绿色":"green","黄色":"yellow"};Tag.mapEn2Cn={blue:"蓝色",red:"红色",green:"绿色",yellow:"黄色"};Tag.t=$("#tags");Tag.getTags=function(){var tags=[];Tag.t.children().each(function(){var text=$(this).text();text=text.substring(0,text.length-1);text=Tag.mapCn2En[text]||text;tags.push(text)});return tags};Tag.clearTags=function(){Tag.t.html("")};Tag.renderTags=function(tags){Tag.t.html("");if(isEmpty(tags)){return}for(var i=0;i<tags.length;++i){var tag=tags[i];Tag.appendTag(tag)}};function revertTagStatus(){$("#addTagTrigger").show();$("#addTagInput").hide()}function hideTagList(event){$("#tagDropdown").removeClass("open");if(event){event.stopPropagation()}}function showTagList(event){$("#tagDropdown").addClass("open");if(event){event.stopPropagation()}}Tag.renderReadOnlyTags=function(tags){$("#noteReadTags").html("");if(isEmpty(tags)){$("#noteReadTags").html(getMsg("noTag"))}var i=true;function getNextDefaultClasses(){if(i){return"label label-default";i=false}else{i=true;return"label label-info"}}for(var i in tags){var text=tags[i];text=Tag.mapEn2Cn[text]||text;var classes=Tag.classes[text];if(!classes){classes=getNextDefaultClasses()}tag=tt('<span class="?">?</span>',classes,text);$("#noteReadTags").append(tag)}};Tag.appendTag=function(tag){var isColor=false;var classes,text;if(typeof tag=="object"){classes=tag.classes;text=tag.text;if(!text){return}}else{tag=$.trim(tag);text=tag;if(!text){return}var classes=Tag.classes[text];if(classes){isColor=true}else{classes="label label-default"}}if(LEA.locale=="zh"){text=Tag.mapEn2Cn[text]||text}tag=tt('<span class="?">?<i title="'+getMsg("delete")+'">X</i></span>',classes,text);$("#tags").children().each(function(){if(isColor){var tagHtml=$("<div></div>").append($(this).clone()).html();if(tagHtml==tag){$(this).remove()}}else if(text+"X"==$(this).text()){$(this).remove()}});$("#tags").append(tag);hideTagList();if(!isColor){reRenderTags()}};function reRenderTags(){var defautClasses=["label label-default","label label-info"];var i=0;$("#tags").children().each(function(){var thisClasses=$(this).attr("class");if(thisClasses=="label label-default"||thisClasses=="label label-info"){$(this).removeClass(thisClasses).addClass(defautClasses[i%2]);i++}})}Tag.renderTagNav=function(tags){tags=tags||[];for(var i in tags){var tag=tags[i];if(tag=="red"||tag=="blue"||tag=="yellow"||tag=="green"){continue}var text=Tag.mapEn2Cn[tag]||tag;var classes=Tag.classes[tag]||"label label-default";$("#tagNav").append(tt('<li data-tag="?"><a> <span class="?">?</span></li>',text,classes,text))}};$(function(){$("#addTagTrigger").click(function(){$(this).hide();$("#addTagInput").show().focus().val("")});$("#addTagInput").click(function(event){showTagList(event)});$("#addTagInput").blur(function(){var val=$(this).val();if(val){Tag.appendTag(val,true)}return;$("#addTagTrigger").show();$("#addTagInput").hide()});$("#addTagInput").keydown(function(e){if(e.keyCode==13){hideTagList();if($("#addTagInput").val()){$(this).trigger("blur");$("#addTagTrigger").trigger("click")}else{$(this).trigger("blur")}}});$("#tagColor li").click(function(event){var a;if($(this).attr("role")){a=$(this).find("span")}else{a=$(this)}Tag.appendTag({classes:a.attr("class"),text:a.text()})});$("#tags").on("click","i",function(){$(this).parent().remove();reRenderTags()});function searchTag(){var tag=$.trim($(this).data("tag"));Note.curChangedSaveIt();Note.clearAll();$("#tagSearch").html($(this).html()).show();showLoading();ajaxGet("/note/searchNoteByTags",{tags:[tag]},function(notes){hideLoading();if(notes){Note.renderNotes(notes);if(!isEmpty(notes)){Note.changeNote(notes[0].NoteId)}}})}$("#myTag .folderBody").on("click","li",searchTag);$("#minTagNav").on("click","li",searchTag)});
+Tag.classes={"蓝色":"label label-blue","红色":"label label-red","绿色":"label label-green","黄色":"label label-yellow",blue:"label label-blue",red:"label label-red",green:"label label-green",yellow:"label label-yellow"};Tag.mapCn2En={"蓝色":"blue","红色":"red","绿色":"green","黄色":"yellow"};Tag.mapEn2Cn={blue:"蓝色",red:"红色",green:"绿色",yellow:"黄色"};Tag.t=$("#tags");Tag.getTags=function(){var tags=[];Tag.t.children().each(function(){var text=$(this).text();text=text.substring(0,text.length-1);text=Tag.mapCn2En[text]||text;tags.push(text)});return tags};Tag.clearTags=function(){Tag.t.html("")};Tag.renderTags=function(tags){Tag.t.html("");if(isEmpty(tags)){return}for(var i=0;i<tags.length;++i){var tag=tags[i];Tag.appendTag(tag)}};function revertTagStatus(){$("#addTagTrigger").show();$("#addTagInput").hide()}function hideTagList(event){$("#tagDropdown").removeClass("open");if(event){event.stopPropagation()}}function showTagList(event){$("#tagDropdown").addClass("open");if(event){event.stopPropagation()}}Tag.renderReadOnlyTags=function(tags){$("#noteReadTags").html("");if(isEmpty(tags)){$("#noteReadTags").html(getMsg("noTag"))}var i=true;function getNextDefaultClasses(){if(i){return"label label-default";i=false}else{i=true;return"label label-info"}}for(var i in tags){var text=tags[i];text=Tag.mapEn2Cn[text]||text;var classes=Tag.classes[text];if(!classes){classes=getNextDefaultClasses()}tag=tt('<span class="?">?</span>',classes,text);$("#noteReadTags").append(tag)}};Tag.appendTag=function(tag){var isColor=false;var classes,text;if(typeof tag=="object"){classes=tag.classes;text=tag.text;if(!text){return}}else{tag=$.trim(tag);text=tag;if(!text){return}var classes=Tag.classes[text];if(classes){isColor=true}else{classes="label label-default"}}if(LEA.locale=="zh"){text=Tag.mapEn2Cn[text]||text}tag=tt('<span class="?">?<i title="'+getMsg("delete")+'">X</i></span>',classes,Note._toHtmlEntity(text));$("#tags").children().each(function(){if(isColor){var tagHtml=$("<div></div>").append($(this).clone()).html();if(tagHtml==tag){$(this).remove()}}else if(text+"X"==$(this).text()){$(this).remove()}});$("#tags").append(tag);hideTagList();if(!isColor){reRenderTags()}};function reRenderTags(){var defautClasses=["label label-default","label label-info"];var i=0;$("#tags").children().each(function(){var thisClasses=$(this).attr("class");if(thisClasses=="label label-default"||thisClasses=="label label-info"){$(this).removeClass(thisClasses).addClass(defautClasses[i%2]);i++}})}Tag.renderTagNav=function(tags){tags=tags||[];for(var i in tags){var tag=tags[i];if(tag=="red"||tag=="blue"||tag=="yellow"||tag=="green"){continue}var text=Note._toHtmlEntity(Tag.mapEn2Cn[tag]||tag);var classes=Tag.classes[tag]||"label label-default";$("#tagNav").append(tt('<li data-tag="?"><a> <span class="?">?</span></li>',text,classes,text))}};$(function(){$("#addTagTrigger").click(function(){$(this).hide();$("#addTagInput").show().focus().val("")});$("#addTagInput").click(function(event){showTagList(event)});$("#addTagInput").blur(function(){var val=$(this).val();if(val){Tag.appendTag(val,true)}return;$("#addTagTrigger").show();$("#addTagInput").hide()});$("#addTagInput").keydown(function(e){if(e.keyCode==13){hideTagList();if($("#addTagInput").val()){$(this).trigger("blur");$("#addTagTrigger").trigger("click")}else{$(this).trigger("blur")}}});$("#tagColor li").click(function(event){var a;if($(this).attr("role")){a=$(this).find("span")}else{a=$(this)}Tag.appendTag({classes:a.attr("class"),text:a.text()})});$("#tags").on("click","i",function(){$(this).parent().remove();reRenderTags()});function searchTag(){var tag=$.trim($(this).data("tag"));Note.curChangedSaveIt();Note.clearAll();$("#tagSearch").html($(this).html()).show();showLoading();ajaxGet("/note/searchNoteByTags",{tags:[tag]},function(notes){hideLoading();if(notes){Note.renderNotes(notes);if(!isEmpty(notes)){Note.changeNote(notes[0].NoteId)}}})}$("#myTag .folderBody").on("click","li",searchTag);$("#minTagNav").on("click","li",searchTag)});
--- a/public/js/app/tag.js
+++ b/public/js/app/tag.js
@ -144,7 +144,7 @@ Tag.appendTag = function(tag) {
 	if(LEA.locale == "zh") {
 		text = Tag.mapEn2Cn[text] || text;
 	}
-	tag = tt('<span class="?">?<i title="' + getMsg("delete") + '">X</i></span>', classes, text);
+	tag = tt('<span class="?">?<i title="' + getMsg("delete") + '">X</i></span>', classes, Note._toHtmlEntity(text));

 	// 避免重复
 	$("#tags").children().each(function() {
@ -192,7 +192,7 @@ Tag.renderTagNav = function(tags) {
 		if(tag == "red" || tag == "blue" || tag == "yellow" || tag == "green") {
 			continue;
 		}
-		var text = Tag.mapEn2Cn[tag] || tag;
+		var text = Note._toHtmlEntity(Tag.mapEn2Cn[tag] || tag);
 		var classes = Tag.classes[tag] || "label label-default";
 		$("#tagNav").append(tt('<li data-tag="?"><a> <span class="?">?</span></li>', text, classes, text));
 	}