mirror
/
badgen
kopia lustrzana https://github.com/badgen/badgen
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

feat: apply escaping to all string inputs (#68)

pull/72/head
chris48s 2021-03-28 04:25:47 +01:00 zatwierdzone przez GitHub
rodzic f9cede8f8d
commit df6c6f026d
Nie znaleziono w bazie danych klucza dla tego podpisu
ID klucza GPG: 4AEE18F83AFDEB23
3 zmienionych plików z 67 dodań i 0 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

4
src/index.ts
Wyświetl plik

@ -49,6 +49,9 @@ export function badgen ({
label = sanitize(label) label = sanitize(label)
status = sanitize(status) status = sanitize(status)
color = sanitize(color)
labelColor = sanitize(labelColor)
icon = icon ? sanitize(icon) : icon
const accessibleText = createAccessibleText({label, status}) const accessibleText = createAccessibleText({label, status})
if (style === 'flat') { if (style === 'flat') {
@ -98,6 +101,7 @@ function bare ({ status, color, style, scale }) {
const stRectWidth = stTextWidth + 115 const stRectWidth = stTextWidth + 115
status = sanitize(status) status = sanitize(status)
color = sanitize(color)
if (style === 'flat') { if (style === 'flat') {
return `<svg width="${scale * stRectWidth / 10}" height="${scale * 20}" viewBox="0 0 ${stRectWidth} 200" xmlns="http://www.w3.org/2000/svg" role="img" aria-label="${status}"> return `<svg width="${scale * stRectWidth / 10}" height="${scale * 20}" viewBox="0 0 ${stRectWidth} 200" xmlns="http://www.w3.org/2000/svg" role="img" aria-label="${status}">

42
tap-snapshots/test-badgen.spec.ts-TAP.test.js
Wyświetl plik

@ -5,6 +5,48 @@
* Make sure to inspect the output below. Do not ignore changes! * Make sure to inspect the output below. Do not ignore changes!
*/ */
'use strict' 'use strict'
exports[`test/badgen.spec.ts TAP ensure badgen() correctly escapes string inputs > snapshot 1`] = `
<svg width="191.2" height="20" viewBox="0 0 1912 200" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" role="img" aria-label="&lt;escape me&gt;: &lt;escape me&gt;">
<title>&lt;escape me&gt;: &lt;escape me&gt;</title>
<linearGradient id="a" x2="0" y2="100%">
<stop offset="0" stop-opacity=".1" stop-color="#EEE"/>
<stop offset="1" stop-opacity=".1"/>
</linearGradient>
<mask id="m"><rect width="1912" height="200" rx="30" fill="#FFF"/></mask>
<g mask="url(#m)">
<rect width="1036" height="200" fill="#&lt;escape me&gt;"/>
<rect width="876" height="200" fill="#&lt;escape me&gt;" x="1036"/>
<rect width="1912" height="200" fill="url(#a)"/>
</g>
<g aria-hidden="true" fill="#fff" text-anchor="start" font-family="Verdana,DejaVu Sans,sans-serif" font-size="110">
<text x="220" y="148" textLength="776" fill="#000" opacity="0.25">&lt;escape me&gt;</text>
<text x="210" y="138" textLength="776">&lt;escape me&gt;</text>
<text x="1091" y="148" textLength="776" fill="#000" opacity="0.25">&lt;escape me&gt;</text>
<text x="1081" y="138" textLength="776">&lt;escape me&gt;</text>
</g>
<image x="40" y="35" width="130" height="130" xlink:href="&lt;escape me&gt;"/>
</svg>
`
exports[`test/badgen.spec.ts TAP ensure bare() correctly escapes string inputs > snapshot 1`] = `
<svg width="89.1" height="20" viewBox="0 0 891 200" xmlns="http://www.w3.org/2000/svg" role="img" aria-label="&lt;escape me&gt;">
<title>&lt;escape me&gt;</title>
<linearGradient id="a" x2="0" y2="100%">
<stop offset="0" stop-opacity=".1" stop-color="#EEE"/>
<stop offset="1" stop-opacity=".1"/>
</linearGradient>
<mask id="m"><rect width="891" height="200" rx="30" fill="#FFF"/></mask>
<g mask="url(#m)">
<rect width="891" height="200" fill="#&lt;escape me&gt;" x="0"/>
<rect width="891" height="200" fill="url(#a)"/>
</g>
<g aria-hidden="true" fill="#fff" text-anchor="start" font-family="Verdana,DejaVu Sans,sans-serif" font-size="110">
<text x="65" y="148" textLength="776" fill="#000" opacity="0.25">&lt;escape me&gt;</text>
<text x="55" y="138" textLength="776">&lt;escape me&gt;</text>
</g>
</svg>
`
exports[`test/badgen.spec.ts TAP generate badge with { label, status } > snapshot 1`] = ` exports[`test/badgen.spec.ts TAP generate badge with { label, status } > snapshot 1`] = `
<svg width="80.4" height="20" viewBox="0 0 804 200" xmlns="http://www.w3.org/2000/svg" role="img" aria-label="npm: v1.0.0"> <svg width="80.4" height="20" viewBox="0 0 804 200" xmlns="http://www.w3.org/2000/svg" role="img" aria-label="npm: v1.0.0">
<title>npm: v1.0.0</title> <title>npm: v1.0.0</title>

21
test/badgen.spec.ts
Wyświetl plik

@ -54,6 +54,18 @@ tap.test('generate badge with { label, status, icon, style }', t => {
t.end() t.end()
}) })
tap.test('ensure badgen() correctly escapes string inputs', t => {
const svg = badgen({
label: '<escape me>',
status: '<escape me>',
color: '<escape me>',
icon: '<escape me>',
labelColor: '<escape me>',
})
t.matchSnapshot(svg, 'snapshot')
t.end()
})
tap.test('generate bare badge with { status }', t => { tap.test('generate bare badge with { status }', t => {
const svg = badgen({ status: 'v1.0.0' }) const svg = badgen({ status: 'v1.0.0' })
t.ok(typeof svg === 'string', 'successfully generated') t.ok(typeof svg === 'string', 'successfully generated')
@ -75,6 +87,15 @@ tap.test('generate bare badge with { status, style }', t => {
t.end() t.end()
}) })
tap.test('ensure bare() correctly escapes string inputs', t => {
const svg = badgen({
status: '<escape me>',
color: '<escape me>',
})
t.matchSnapshot(svg, 'snapshot')
t.end()
})
tap.test('type checking', t => { tap.test('type checking', t => {
// @ts-ignore // @ts-ignore
t.throws(() => badgen({}), TypeError, 'throw if status is non-string') t.throws(() => badgen({}), TypeError, 'throw if status is non-string')