mirror of https://github.com/layui/layui
fix: 优化 escape 和 unescape 在解析某些特殊字符串时的潜在问题 (#2628)
* fix: 修复 escape 未转义 unicode 中 & 字符的问题 * chore: update * fix: 优化 unescape 替换顺序,确保为 escape 替换的反向顺序 * chore: update2.9.x-stable
parent
28da41f5ac
commit
aedd2862a6
|
@ -32,7 +32,8 @@
|
|||
<div>数据</div>
|
||||
<textarea id="ID-tpl-data">
|
||||
{
|
||||
"title": "Layui 常用模块",
|
||||
"title": "Layui 常用组件",
|
||||
"desc": "<a style=\"color:blue;\">一段带 HTML 的内容</a>",
|
||||
"list": [
|
||||
{
|
||||
"modname": "弹层",
|
||||
|
|
|
@ -323,25 +323,24 @@ layui.define('jquery', function(exports){
|
|||
|
||||
// 转义 html
|
||||
escape: function(html){
|
||||
var exp = /[<"'>]|&(?=#[a-zA-Z0-9]+)/g;
|
||||
if(html === undefined || html === null) return '';
|
||||
var exp = /[<"'>]|&(?=#?[a-zA-Z0-9]+)/g;
|
||||
if (html === undefined || html === null) return '';
|
||||
|
||||
html += '';
|
||||
if(!exp.test(html)) return html;
|
||||
if (!exp.test(html)) return html;
|
||||
|
||||
return html.replace(/&(?!#?[a-zA-Z0-9]+;)/g, '&')
|
||||
return html.replace(/&(?=#?[a-zA-Z0-9]+;?)/g, '&')
|
||||
.replace(/</g, '<').replace(/>/g, '>')
|
||||
.replace(/'/g, ''').replace(/"/g, '"');
|
||||
},
|
||||
|
||||
// 还原转义的 html
|
||||
unescape: function(html){
|
||||
if(html === undefined || html === null) html = '';
|
||||
html += '';
|
||||
if (html === undefined || html === null) return '';
|
||||
|
||||
return html.replace(/\&/g, '&')
|
||||
.replace(/\</g, '<').replace(/\>/g, '>')
|
||||
.replace(/\'/g, '\'').replace(/\"/g, '"');
|
||||
return String(html).replace(/\"/g, '"').replace(/\'/g, '\'')
|
||||
.replace(/\>/g, '>').replace(/\</g, '<')
|
||||
.replace(/\&/g, '&');
|
||||
},
|
||||
|
||||
// 打开新窗口
|
||||
|
|
Loading…
Reference in New Issue