diff options
| author | Robert Speicher <robert@gitlab.com> | 2016-01-22 01:35:39 +0000 |
|---|---|---|
| committer | Robert Speicher <rspeicher@gmail.com> | 2016-01-21 17:37:49 -0800 |
| commit | 13a7808242eed34b546ac13c77201dd280e48ae2 (patch) | |
| tree | ca2f2762fe4a04c73fd23309e06c2a1f6ad93129 | |
| parent | 9e1f5152f1a189551b4e687d10a728e1554cbd1b (diff) | |
| download | gitlab-ce-13a7808242eed34b546ac13c77201dd280e48ae2.tar.gz | |
Merge branch 'unescaped-diffs' into 'master'
Make sure non-highlighted diffs are still escaped
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/12521
See merge request !2544
| -rw-r--r-- | app/controllers/projects/blob_controller.rb | 4 | ||||
| -rw-r--r-- | app/models/note.rb | 8 | ||||
| -rw-r--r-- | lib/gitlab/diff/highlight.rb | 16 |
3 files changed, 20 insertions, 8 deletions
diff --git a/app/controllers/projects/blob_controller.rb b/app/controllers/projects/blob_controller.rb index 8133de90a41..bb72232edd7 100644 --- a/app/controllers/projects/blob_controller.rb +++ b/app/controllers/projects/blob_controller.rb @@ -52,7 +52,9 @@ class Projects::BlobController < Projects::ApplicationController def preview @content = params[:content] diffy = Diffy::Diff.new(@blob.data, @content, diff: '-U 3', include_diff_info: true) - @diff_lines = Gitlab::Diff::Parser.new.parse(diffy.diff.scan(/.*\n/)) + diff_lines = diffy.diff.scan(/.*\n/)[2..-1] + diff_lines = Gitlab::Diff::Parser.new.parse(diff_lines) + @diff_lines = Gitlab::Diff::Highlight.new(diff_lines).highlight render layout: false end diff --git a/app/models/note.rb b/app/models/note.rb index 3e1375e5ad6..605caed9eb6 100644 --- a/app/models/note.rb +++ b/app/models/note.rb @@ -244,7 +244,7 @@ class Note < ActiveRecord::Base prev_match_line = nil prev_lines = [] - diff_lines.each do |line| + highlighted_diff_lines.each do |line| if line.type == "match" prev_lines.clear prev_match_line = line @@ -261,7 +261,11 @@ class Note < ActiveRecord::Base end def diff_lines - @diff_lines ||= Gitlab::Diff::Parser.new.parse(diff.diff.lines.to_a) + @diff_lines ||= Gitlab::Diff::Parser.new.parse(diff.diff.lines) + end + + def highlighted_diff_lines + Gitlab::Diff::Highlight.new(diff_lines).highlight end def discussion_id diff --git a/lib/gitlab/diff/highlight.rb b/lib/gitlab/diff/highlight.rb index 179f8164c84..9283b5e185d 100644 --- a/lib/gitlab/diff/highlight.rb +++ b/lib/gitlab/diff/highlight.rb @@ -1,13 +1,17 @@ module Gitlab module Diff class Highlight - attr_reader :diff_file + attr_reader :diff_file, :diff_lines, :raw_lines delegate :old_path, :new_path, :old_ref, :new_ref, to: :diff_file, prefix: :diff - def initialize(diff_file) - @diff_file = diff_file - @diff_lines = diff_file.diff_lines + def initialize(diff_lines) + if diff_lines.is_a?(Gitlab::Diff::File) + @diff_file = diff_lines + @diff_lines = @diff_file.diff_lines + else + @diff_lines = diff_lines + end @raw_lines = @diff_lines.map(&:text) end @@ -31,7 +35,7 @@ module Gitlab private def highlight_line(diff_line, index) - return html_escape(diff_line.text) unless diff_file.diff_refs + return html_escape(diff_line.text) unless diff_file && diff_file.diff_refs line_prefix = diff_line.text.match(/\A(.)/) ? $1 : ' ' @@ -52,10 +56,12 @@ module Gitlab end def old_lines + return unless diff_file @old_lines ||= Gitlab::Highlight.highlight_lines(*processing_args(:old)) end def new_lines + return unless diff_file @new_lines ||= Gitlab::Highlight.highlight_lines(*processing_args(:new)) end |