From 23ba5c870fc27b59202c4bd90c5d5b38fb018565 Mon Sep 17 00:00:00 2001 From: Antoine GIRARD Date: Fri, 15 Jun 2018 14:42:49 +0200 Subject: [PATCH] markup: escape short wiki link (#4091) --- modules/markup/html.go | 3 +++ modules/markup/html_test.go | 26 ++++++++++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/modules/markup/html.go b/modules/markup/html.go index 4f9d02a8f..a4ef86de2 100644 --- a/modules/markup/html.go +++ b/modules/markup/html.go @@ -469,6 +469,9 @@ func shortLinkProcessorFull(ctx *postProcessCtx, node *html.Node, noLink bool) { } else { link = strings.Replace(link, " ", "-", -1) } + if !strings.Contains(link, "/") { + link = url.PathEscape(link) + } } urlPrefix := ctx.urlPrefix if image { diff --git a/modules/markup/html_test.go b/modules/markup/html_test.go index fc11532d1..bf7606e1d 100644 --- a/modules/markup/html_test.go +++ b/modules/markup/html_test.go @@ -82,12 +82,18 @@ func TestRender_ShortLinks(t *testing.T) { rawtree := util.URLJoin(AppSubURL, "raw", "master") url := util.URLJoin(tree, "Link") otherURL := util.URLJoin(tree, "Other-Link") + encodedURL := util.URLJoin(tree, "Link%3F") imgurl := util.URLJoin(rawtree, "Link.jpg") otherImgurl := util.URLJoin(rawtree, "Link+Other.jpg") + encodedImgurl := util.URLJoin(rawtree, "Link+%23.jpg") + notencodedImgurl := util.URLJoin(rawtree, "some", "path", "Link+#.jpg") urlWiki := util.URLJoin(AppSubURL, "wiki", "Link") otherURLWiki := util.URLJoin(AppSubURL, "wiki", "Other-Link") + encodedURLWiki := util.URLJoin(AppSubURL, "wiki", "Link%3F") imgurlWiki := util.URLJoin(AppSubURL, "wiki", "raw", "Link.jpg") otherImgurlWiki := util.URLJoin(AppSubURL, "wiki", "raw", "Link+Other.jpg") + encodedImgurlWiki := util.URLJoin(AppSubURL, "wiki", "raw", "Link+%23.jpg") + notencodedImgurlWiki := util.URLJoin(AppSubURL, "wiki", "raw", "some", "path", "Link+#.jpg") favicon := "http://google.com/favicon.ico" test( @@ -134,4 +140,24 @@ func TestRender_ShortLinks(t *testing.T) { "[[Link]] [[Other Link]]", `

Link Other Link

`, `

Link Other Link

`) + test( + "[[Link?]]", + `

Link?

`, + `

Link?

`) + test( + "[[Link]] [[Other Link]] [[Link?]]", + `

Link Other Link Link?

`, + `

Link Other Link Link?

`) + test( + "[[Link #.jpg]]", + `

`, + `

`) + test( + "[[Name|Link #.jpg|alt=\"AltName\"|title='Title']]", + `

AltName

`, + `

AltName

`) + test( + "[[some/path/Link #.jpg]]", + `

`, + `

`) }