nodebb-plugin-composer-default 10.2.27 → 10.2.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/library.js +5 -3
- package/package.json +1 -1
- package/static/lib/composer.js +1 -1
package/library.js
CHANGED
|
@@ -236,16 +236,18 @@ function generateDiscardRoute(req, topicData) {
|
|
|
236
236
|
}
|
|
237
237
|
|
|
238
238
|
async function generateBody(req, postData) {
|
|
239
|
+
let body = ''
|
|
239
240
|
// Quoted reply
|
|
240
241
|
if (req.query.toPid && parseInt(req.query.quoted, 10) === 1 && postData) {
|
|
241
242
|
const username = await user.getUserField(postData.uid, 'username');
|
|
242
243
|
const translated = await translator.translate(`[[modules:composer.user-said, ${username}]]`);
|
|
243
|
-
|
|
244
|
+
body = `${translated}\n` +
|
|
244
245
|
`> ${postData ? `${postData.content.replace(/\n/g, '\n> ')}\n\n` : ''}`;
|
|
245
246
|
} else if (req.query.body || req.query.content) {
|
|
246
|
-
|
|
247
|
+
body = validator.escape(String(req.query.body || req.query.content));
|
|
247
248
|
}
|
|
248
|
-
|
|
249
|
+
body = postData ? postData.content : '';
|
|
250
|
+
return translator.escape(body);
|
|
249
251
|
}
|
|
250
252
|
|
|
251
253
|
async function getPostData(req) {
|
package/package.json
CHANGED
package/static/lib/composer.js
CHANGED
|
@@ -456,7 +456,7 @@ define('composer', [
|
|
|
456
456
|
var data = {
|
|
457
457
|
topicTitle: title,
|
|
458
458
|
titleLength: title.length,
|
|
459
|
-
body: utils.escapeHTML(postData.body),
|
|
459
|
+
body: translator.escape(utils.escapeHTML(postData.body)),
|
|
460
460
|
mobile: composer.bsEnvironment === 'xs' || composer.bsEnvironment === 'sm',
|
|
461
461
|
resizable: true,
|
|
462
462
|
thumb: postData.thumb,
|