refactor(web/ranklist): drop DOMPurify

This commit is contained in:
Baoshuo Ren 2022-10-08 19:42:04 +08:00
parent 1740cc8265
commit df7d7639b1
Signed by: baoshuo
GPG Key ID: 00CB9680AB29F51A

View File

@ -1359,8 +1359,9 @@ function echoRanklist($config = array()) {
$header_row .= '<th style="width: 5em;">'.UOJLocale::get('solved').'</th>'; $header_row .= '<th style="width: 5em;">'.UOJLocale::get('solved').'</th>';
$header_row .= '</tr>'; $header_row .= '</tr>';
$purifier = HTML::pruifier();
$users = array(); $users = array();
$print_row = function($user, $now_cnt) use (&$users, $config) { $print_row = function($user, $now_cnt) use (&$users, $config, $purifier) {
if (!$users) { if (!$users) {
if ($now_cnt == 1) { if ($now_cnt == 1) {
$rank = 1; $rank = 1;
@ -1376,13 +1377,9 @@ function echoRanklist($config = array()) {
echo '<tr>'; echo '<tr>';
echo '<td>' . $user['rank'] . '</td>'; echo '<td>' . $user['rank'] . '</td>';
echo '<td>' . getUserLink($user['username']) . '</td>'; echo '<td>' . getUserLink($user['username']) . '</td>';
$motto_id = uniqid("motto-{$user['username']}-"); echo "<td>";
echo "<td id=\"$motto_id\"></td>"; echo $purifier->purify($user['motto']);
$motto = rawurlencode($user['motto']); echo "</td>";
$dom_sanitize_config = DOM_SANITIZE_CONFIG;
echo '<script type="text/javascript">';
echo "$(function() { $('#$motto_id').html(DOMPurify.sanitize(decodeURIComponent(\"{$motto}\"), $dom_sanitize_config)); });";
echo '</script>';
echo '<td>' . $user['ac_num'] . '</td>'; echo '<td>' . $user['ac_num'] . '</td>';
echo '</tr>'; echo '</tr>';