Skip to content

Commit

Permalink
fix: Osm username, add escaping where necessary (#1158)
Browse files Browse the repository at this point in the history
* refactor: replace HTML rendering with plain text for user display name

* refactor: refactor D3.js code to set text content

* refactor: use .text() method to set text content in copyright element

* refactor: use the .text() method to set text content in combobox options

* refactor: use the .text() method to set text content userLink element

* refactor: use the .text() method to set text content in  conflict and label elements

* refactor: use the .text() method to set text content in contributors element

* refactor: reduce direct html injection

* refactor: reduce direct html injection

* fix: refactor contributors.js file

* replace unnecessary setting of raw "html" with "text"
  • Loading branch information
RitaDee authored Oct 19, 2023
1 parent f9ff458 commit 374debc
Show file tree
Hide file tree
Showing 14 changed files with 21 additions and 21 deletions.
2 changes: 1 addition & 1 deletion modules/ui/account.js
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ export function uiAccount(context) {
// Add user name
userLink.append('span')
.attr('class', 'label')
.html(user.display_name);
.text(user.display_name);
}


Expand Down
4 changes: 2 additions & 2 deletions modules/ui/attribution.js
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ export function uiAttribution(context) {
attribution
.append('span')
.attr('class', 'attribution-text')
.html(terms_text);
.text(terms_text);
})
.merge(attributions);

Expand All @@ -73,7 +73,7 @@ export function uiAttribution(context) {
.merge(copyright);

copyright
.html(String);
.text(String);
}


Expand Down
2 changes: 1 addition & 1 deletion modules/ui/combobox.js
Original file line number Diff line number Diff line change
Expand Up @@ -384,7 +384,7 @@ export function uiCombobox(context, klass) {
return 'combobox-option ' + (d.klass || '');
})
.attr('title', function(d) { return d.title; })
.html(function(d) { return d.display || d.value; })
.text(function(d) { return d.display || d.value; })
.on('mouseenter', _mouseEnterHandler)
.on('mouseleave', _mouseLeaveHandler)
.merge(options)
Expand Down
4 changes: 2 additions & 2 deletions modules/ui/conflicts.js
Original file line number Diff line number Diff line change
Expand Up @@ -172,7 +172,7 @@ export function uiConflicts(context) {
.append('a')
.attr('class', 'conflict-description')
.attr('href', '#')
.html(function(d) { return d.name; })
.text(function(d) { return d.name; })
.on('click', function(d3_event, d) {
d3_event.preventDefault();
showEntityID(d.id);
Expand Down Expand Up @@ -254,7 +254,7 @@ export function uiConflicts(context) {

labelEnter
.append('span')
.html(function(d) { return d.text; });
.text(function(d) { return d.text; });

// update
choicesEnter
Expand Down
4 changes: 2 additions & 2 deletions modules/ui/feature_list.js
Original file line number Diff line number Diff line change
Expand Up @@ -297,12 +297,12 @@ export function uiFeatureList(context) {
label
.append('span')
.attr('class', 'entity-type')
.html(d => d.type);
.text(d => d.type);

label
.append('span')
.attr('class', 'entity-name')
.html(d => d.name);
.text(d => d.name);

enter
.style('opacity', 0)
Expand Down
2 changes: 1 addition & 1 deletion modules/ui/fields/combo.js
Original file line number Diff line number Diff line change
Expand Up @@ -545,7 +545,7 @@ export function uiFieldCombo(context, uifield) {
}

chips.select('span')
.html(d => d.value);
.text(d => d.value);

// Don't show delete '×' on the source chip for rapid features
if (!(uifield.key === 'source' && _isRapidFeature())) {
Expand Down
6 changes: 3 additions & 3 deletions modules/ui/fields/lanes.js
Original file line number Diff line number Diff line change
Expand Up @@ -77,23 +77,23 @@ export function uiFieldLanes(context, uifield) {
.append('text')
.attr('y', 40)
.attr('x', 14)
.html('▲');
.text('▲');

enter
.append('g')
.attr('class', 'bothways')
.append('text')
.attr('y', 40)
.attr('x', 14)
.html('▲▼');
.text('▲▼');

enter
.append('g')
.attr('class', 'backward')
.append('text')
.attr('y', 40)
.attr('x', 14)
.html('▼');
.text('▼');


lane = lane
Expand Down
4 changes: 2 additions & 2 deletions modules/ui/improveOSM_comments.js
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ export function uiImproveOsmComments(context) {
.attr('target', '_blank');
}
selection
.html(d => d.username);
.text(d => d.username);
});

metadataEnter
Expand All @@ -70,7 +70,7 @@ export function uiImproveOsmComments(context) {
.append('div')
.attr('class', 'comment-text')
.append('p')
.html(d => d.text);
.text(d => d.text);
})
.catch(e => console.log(e)); // eslint-disable-line no-console
}
Expand Down
2 changes: 1 addition & 1 deletion modules/ui/improveOSM_details.js
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ export function uiImproveOsmDetails(context) {
descriptionEnter
.append('div')
.attr('class', 'qa-details-description-text')
.html(issueDetail);
.text(issueDetail);

// If there are entity links in the error message..
let relatedEntities = [];
Expand Down
2 changes: 1 addition & 1 deletion modules/ui/improveOSM_header.js
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ export function uiImproveOsmHeader(context) {
headerEnter
.append('div')
.attr('class', 'qa-header-label')
.html(issueTitle);
.text(issueTitle);
}

improveOsmHeader.issue = function(val) {
Expand Down
2 changes: 1 addition & 1 deletion modules/ui/note_editor.js
Original file line number Diff line number Diff line change
Expand Up @@ -251,7 +251,7 @@ export function uiNoteEditor(context) {
userLink
.append('a')
.attr('class', 'user-info')
.html(user.display_name)
.text(user.display_name)
.attr('href', osm.userURL(user.display_name))
.attr('target', '_blank');

Expand Down
2 changes: 1 addition & 1 deletion modules/ui/panels/UiPanelHistory.js
Original file line number Diff line number Diff line change
Expand Up @@ -265,7 +265,7 @@ export class UiPanelHistory extends AbstractUiPanel {
selection
.append('span')
.attr('class', 'user-name')
.html(userName);
.text(userName);

let links = selection
.append('div')
Expand Down
2 changes: 1 addition & 1 deletion modules/ui/scale.js
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ export function uiScale(context) {

selection.select('.scale-text')
.style(isRTL ? 'right' : 'left', (scale.px + 16) + 'px')
.html(scale.text);
.text(scale.text);
}


Expand Down
4 changes: 2 additions & 2 deletions modules/ui/sections/changes.js
Original file line number Diff line number Diff line change
Expand Up @@ -75,15 +75,15 @@ export function uiSectionChanges(context) {
buttons
.append('strong')
.attr('class', 'entity-type')
.html(d => {
.text(d => {
const matched = context.systems.presets.match(d.entity, d.graph);
return (matched && matched.name()) || l10n.displayType(d.entity.id);
});

buttons
.append('span')
.attr('class', 'entity-name')
.html(d => {
.text(d => {
const name = l10n.displayName(d.entity.tags);
let string = '';
if (name !== '') {
Expand Down

0 comments on commit 374debc

Please sign in to comment.