From 2f062354fae118a160f928dcfb49b467e0279d15 Mon Sep 17 00:00:00 2001
From: curben <2809763-curben@users.noreply.gitlab.com>
Date: Fri, 18 Oct 2019 03:31:47 +0100
Subject: [PATCH] fix(open_graph): escape html characters in description

---
 themes/chameleon/scripts/openGraph.js | 18 ++++++------------
 1 file changed, 6 insertions(+), 12 deletions(-)

diff --git a/themes/chameleon/scripts/openGraph.js b/themes/chameleon/scripts/openGraph.js
index 8de956e..1af126c 100644
--- a/themes/chameleon/scripts/openGraph.js
+++ b/themes/chameleon/scripts/openGraph.js
@@ -12,7 +12,7 @@
 'use strict'
 
 const moment = require('moment')
-const { encodeURL, htmlTag, stripHTML } = require('hexo-util')
+const { encodeURL, escapeHTML, htmlTag, stripHTML } = require('hexo-util')
 
 function meta (name, content) {
   return `${htmlTag('meta', {
@@ -32,7 +32,7 @@ function openGraphHelper () {
   const { config, page, theme } = this
   const { content } = page
   let images = page.photos || []
-  const description = page.excerpt || theme.description || false
+  let description = page.excerpt || theme.description || false
   const author = config.author
   const keywords = page.tags || false
   const title = page.title || theme.nickname
@@ -46,17 +46,11 @@ function openGraphHelper () {
   let result = ''
 
   if (description) {
-    description = stripHTML(description).substring(0, 200)
-      .trim() // Remove prefixing/trailing spaces
-      .replace(/</g, '&lt;')
-      .replace(/>/g, '&gt;')
-      .replace(/&/g, '&amp;')
-      .replace(/"/g, '&quot;')
-      .replace(/'/g, '&apos;')
-      .replace(/\n/g, ' ') // Replace new lines by spaces
-  }
+    description = escapeHTML(stripHTML(description)
+      .trim()
+      .replace(/\n/g, ' ')
+      .substring(0, 200))
 
-  if (description) {
     result += meta('description', description)
   }