From aeb66283142affc3e66341f4bfb1764f220c2303 Mon Sep 17 00:00:00 2001 From: Baoshuo Date: Sat, 12 Nov 2022 12:05:24 +0800 Subject: [PATCH] fix(web/problem): not escape problem title --- web/app/models/HTML.php | 27 +++++++++++++++++++++------ web/app/models/UOJProblem.php | 2 +- 2 files changed, 22 insertions(+), 7 deletions(-) diff --git a/web/app/models/HTML.php b/web/app/models/HTML.php index 1327db0..35d3922 100644 --- a/web/app/models/HTML.php +++ b/web/app/models/HTML.php @@ -302,14 +302,29 @@ class HTML { return $res; } - public static function link(?string $uri, $text, $cfg = ['location' => 'main']) { - if ($uri === null) { - return '' . HTML::escape($text) . ''; + public static function link(?string $uri, $text, $cfg = []) { + $cfg += ['location' => 'main', 'escape' => true]; + + if ($cfg['escape']) { + $text = HTML::escape($text); } - return '' . HTML::escape($text) . ''; + + if ($uri === null) { + return HTML::tag('a', [], $text); + } + + return HTML::tag('a', ['href' => HTML::url($uri, $cfg)], $text); } - public static function autolink(string $url, array $attr = []) { - return '' . $url . ''; + + public static function autolink(string $url, array $attr = [], $cfg = []) { + $cfg += ['escape' => true]; + $text = $url; + + if ($cfg['escape']) { + $text = HTML::escape($text); + } + + return '' . $text . ''; } public static function js_src(string $uri, array $cfg = []) { $cfg += [ diff --git a/web/app/models/UOJProblem.php b/web/app/models/UOJProblem.php index 106ada0..e5d2dec 100644 --- a/web/app/models/UOJProblem.php +++ b/web/app/models/UOJProblem.php @@ -83,7 +83,7 @@ class UOJProblem { } public function getLink(array $cfg = []) { - return HTML::link($this->getUri(), $this->getTitle($cfg)); + return HTML::link($this->getUri(), $this->getTitle($cfg), ['escape' => false]); } public function getAttachmentUri() {