| -rw-r--r-- | web-ui/app/js/helpers/view_helper.js | 25 | ||||
| -rw-r--r-- | web-ui/test/spec/helpers/view_helper.spec.js | 18 | 
2 files changed, 38 insertions, 5 deletions
|
diff --git a/web-ui/app/js/helpers/view_helper.js b/web-ui/app/js/helpers/view_helper.js
index 01ab45ed..bb909cea 100644
--- a/web-ui/app/js/helpers/view_helper.js
+++ b/web-ui/app/js/helpers/view_helper.js
@@ -35,10 +35,33 @@ define(
     return textPlainBody.replace(/^(.*?)$/mg, '<p>$1</p>');
   }
+  function escapeHtmlTags (body) {
+
+    var escapeIndex = {
+      "&": "&",
+      "<": "<",
+      ">": ">",
+      '"': '"',
+      "'":''',
+      "/": '/'
+
+    };
+
+    return body.replace(/["'<>\/&]/g, function(char){
+        return escapeIndex[char];
+    } )
+
+  }
+
+  function escapeHtmlAndAddParagraphs (body) {
+    var escapedBody = escapeHtmlTags(body);
+    return addParagraphsToPlainText(escapedBody);
+  }
+
   function formatMailBody (mail) {
     var body = mail.htmlBodyPart ?
                 htmlWhitelister.sanitize(mail.htmlBody, htmlWhitelister.tagPolicy) :
-                addParagraphsToPlainText(mail.textPlainBody);
+                escapeHtmlAndAddParagraphs(mail.textPlainBody);
     return $(body);
   }
diff --git a/web-ui/test/spec/helpers/view_helper.spec.js b/web-ui/test/spec/helpers/view_helper.spec.js
index 806739b9..51ede430 100644
--- a/web-ui/test/spec/helpers/view_helper.spec.js
+++ b/web-ui/test/spec/helpers/view_helper.spec.js
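Review bot: `escapeHtmlTags` and `escapeHtmlAndAddParagraphs` carry no comment saying that the text/plain branch of `formatMailBody` bypasses `htmlWhitelister`, so this escape is the only thing between a mail body and the parsing done by `$(body)`. I would add above `escapeHtmlAndAddParagraphs`: `// text/plain bodies skip htmlWhitelister: escape first, then wrap lines in <p>, so the only markup $(body) parses is ours`. The order matters, because escaping after `addParagraphsToPlainText` would also escape the generated `<p>` tags. The replacement values in `escapeIndex` appear entity-decoded on this page, so they cannot be checked here and should be read in the repository. The `return body.replace(...)` statement in `escapeHtmlTags` also ends at `} )` without its terminating `;`.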
@@ -53,10 +53,20 @@ define(['helpers/view_helper'], function (viewHelper) {
       });
     });
-    it('formats the body of a plain text email', function () {
-      var formatedMail = $('<div></div>');
-      formatedMail.html(viewHelper.formatMailBody(testData.parsedMail.simpleTextPlain));
-      expect(formatedMail).toContainHtml('<p>Hello Everyone</p>');
+    it('each line of plain text mail gets a new paragraph', function () {
+      var formattedMail = $('<div></div>');
+      formattedMail.html(viewHelper.formatMailBody(testData.parsedMail.simpleTextPlain));
+      expect(formattedMail).toContainHtml('<p>Hello Everyone</p>');
+    });
+
+
+    it('escape html in plain text body', function () {
+      var formattedMail = $('<div></div>');
+      var mail = testData.parsedMail.simpleTextPlain;
+      mail.textPlainBody = '<font color="red">This is some text!</font>'
+      formattedMail.html(viewHelper.formatMailBody(mail));
+      expect(formattedMail.text()).toBe('<font color="red">This is some text!</font>')
+
     });
     it('move caret to the end of text after 1ms', function () {
|
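Review bot: The new 'escape html in plain text body' spec assigns `mail.textPlainBody` on `testData.parsedMail.simpleTextPlain` itself, so unless `testData` is rebuilt before each spec (not visible in this hunk) the altered body can leak into other specs that expect 'Hello Everyone'. Working on a copy avoids that: `var mail = $.extend({}, testData.parsedMail.simpleTextPlain);`. The assertion would be stronger with a structural check that no element was created from the body, for example `expect(formattedMail.find('font').length).toBe(0);`. The `mail.textPlainBody = ...` and `expect(...).toBe(...)` lines are also missing their terminating `;`. The enclosing `describe` starts and ends outside the hunk.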
