fix(open_graph): escape html characters in description

This commit is contained in:
curben 2019-10-18 03:31:47 +01:00
parent d6cccfb940
commit 2f062354fa
No known key found for this signature in database
GPG Key ID: 5D9DB57A25D34EE3
1 changed files with 6 additions and 12 deletions

View File

@ -12,7 +12,7 @@
'use strict' 'use strict'
const moment = require('moment') const moment = require('moment')
const { encodeURL, htmlTag, stripHTML } = require('hexo-util') const { encodeURL, escapeHTML, htmlTag, stripHTML } = require('hexo-util')
function meta (name, content) { function meta (name, content) {
return `${htmlTag('meta', { return `${htmlTag('meta', {
@ -32,7 +32,7 @@ function openGraphHelper () {
const { config, page, theme } = this const { config, page, theme } = this
const { content } = page const { content } = page
let images = page.photos || [] let images = page.photos || []
const description = page.excerpt || theme.description || false let description = page.excerpt || theme.description || false
const author = config.author const author = config.author
const keywords = page.tags || false const keywords = page.tags || false
const title = page.title || theme.nickname const title = page.title || theme.nickname
@ -46,17 +46,11 @@ function openGraphHelper () {
let result = '' let result = ''
if (description) { if (description) {
description = stripHTML(description).substring(0, 200) description = escapeHTML(stripHTML(description)
.trim() // Remove prefixing/trailing spaces .trim()
.replace(/</g, '&lt;') .replace(/\n/g, ' ')
.replace(/>/g, '&gt;') .substring(0, 200))
.replace(/&/g, '&amp;')
.replace(/"/g, '&quot;')
.replace(/'/g, '&apos;')
.replace(/\n/g, ' ') // Replace new lines by spaces
}
if (description) {
result += meta('description', description) result += meta('description', description)
} }