diff --git a/public/src/modules/helpers.js b/public/src/modules/helpers.js index 78fec7d112..5ac03464f6 100644 --- a/public/src/modules/helpers.js +++ b/public/src/modules/helpers.js @@ -68,13 +68,8 @@ } function buildLinkTag(tag) { - var link = tag.link ? 'link="' + tag.link + '" ' : ''; - var rel = tag.rel ? 'rel="' + tag.rel + '" ' : ''; - var as = tag.as ? 'as="' + tag.as + '" ' : ''; - var type = tag.type ? 'type="' + tag.type + '" ' : ''; - var href = tag.href ? 'href="' + tag.href + '" ' : ''; - var sizes = tag.sizes ? 'sizes="' + tag.sizes + '" ' : ''; - var title = tag.title ? 'title="' + tag.title + '" ' : ''; + const attributes = ['link', 'rel', 'as', 'type', 'href', 'sizes', 'title']; + const [link, rel, as, type, href, sizes, title] = attributes.map(attr => (tag[attr] ? `${attr}="${tag[attr]}" ` : '')); return '<link ' + link + rel + as + type + sizes + title + href + '/>\n\t'; } diff --git a/src/meta/tags.js b/src/meta/tags.js index 4c02171a42..daa4d4808c 100644 --- a/src/meta/tags.js +++ b/src/meta/tags.js @@ -154,7 +154,10 @@ Tags.parse = async (req, data, meta, link) => { } if (!tag.noEscape) { - tag.content = utils.escapeHTML(String(tag.content)); + const attributes = Object.keys(tag); + attributes.forEach((attr) => { + tag[attr] = utils.escapeHTML(String(tag[attr])); + }); } return tag; @@ -168,12 +171,18 @@ Tags.parse = async (req, data, meta, link) => { addIfNotExists(meta, 'name', 'description', Meta.config.description); addIfNotExists(meta, 'property', 'og:description', Meta.config.description); - link = results.links.links.concat(link || []); + link = results.links.links.concat(link || []).map((tag) => { + if (!tag.noEscape) { + const attributes = Object.keys(tag); + attributes.forEach((attr) => { + tag[attr] = utils.escapeHTML(String(tag[attr])); + }); + } + + return tag; + }); - return { - meta: meta, - link: link, - }; + return { meta, link }; }; function addIfNotExists(meta, keyName, tagName, value) {