Skip to content

Commit 6d0a1bf

Browse files
sy-recordssy-records
committed
Fix escape
1 parent 803e6b6 commit 6d0a1bf

File tree

1 file changed

+13
-9
lines changed

1 file changed

+13
-9
lines changed

src/plugins/search/search.js

Lines changed: 13 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -159,6 +159,8 @@ export function search(query) {
159159
const post = data[i];
160160
let matchesScore = 0;
161161
let resultStr = '';
162+
let handlePostTitle = '';
163+
let handlePostContent = '';
162164
const postTitle = post.title && post.title.trim();
163165
const postContent = post.body && post.body.trim();
164166
const postUrl = post.slug || '';
@@ -167,21 +169,23 @@ export function search(query) {
167169
keywords.forEach(keyword => {
168170
// From https://github.com/sindresorhus/escape-string-regexp
169171
const regEx = new RegExp(
170-
ignoreDiacriticalMarks(keyword).replace(
172+
escapeHtml(ignoreDiacriticalMarks(keyword)).replace(
171173
/[|\\{}()[\]^$+*?.]/g,
172174
'\\$&'
173175
),
174176
'gi'
175177
);
176178
let indexTitle = -1;
177179
let indexContent = -1;
180+
handlePostTitle = postTitle
181+
? escapeHtml(ignoreDiacriticalMarks(postTitle))
182+
: postTitle;
183+
handlePostContent = postContent
184+
? escapeHtml(ignoreDiacriticalMarks(postContent))
185+
: postContent;
178186

179-
indexTitle = postTitle
180-
? ignoreDiacriticalMarks(postTitle).search(regEx)
181-
: -1;
182-
indexContent = postContent
183-
? ignoreDiacriticalMarks(postContent).search(regEx)
184-
: -1;
187+
indexTitle = postTitle ? handlePostTitle.search(regEx) : -1;
188+
indexContent = postContent ? handlePostContent.search(regEx) : -1;
185189

186190
if (indexTitle >= 0 || indexContent >= 0) {
187191
matchesScore += indexTitle >= 0 ? 3 : indexContent >= 0 ? 2 : 0;
@@ -201,7 +205,7 @@ export function search(query) {
201205

202206
const matchContent =
203207
'...' +
204-
escapeHtml(ignoreDiacriticalMarks(postContent))
208+
handlePostContent
205209
.substring(start, end)
206210
.replace(
207211
regEx,
@@ -215,7 +219,7 @@ export function search(query) {
215219

216220
if (matchesScore > 0) {
217221
const matchingPost = {
218-
title: escapeHtml(ignoreDiacriticalMarks(postTitle)),
222+
title: handlePostTitle,
219223
content: postContent ? resultStr : '',
220224
url: postUrl,
221225
score: matchesScore,

0 commit comments

Comments
 (0)