From 6acd3d8fff498d62c9db010d0a235583dd632111 Mon Sep 17 00:00:00 2001 From: Fran Dios Date: Wed, 8 Mar 2023 19:09:27 +0900 Subject: [PATCH 1/3] Encode XML characters in demo-store sitemap.xml --- templates/demo-store/app/routes/[sitemap.xml].tsx | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/templates/demo-store/app/routes/[sitemap.xml].tsx b/templates/demo-store/app/routes/[sitemap.xml].tsx index 73876b1b38..b04812ce4c 100644 --- a/templates/demo-store/app/routes/[sitemap.xml].tsx +++ b/templates/demo-store/app/routes/[sitemap.xml].tsx @@ -48,6 +48,10 @@ export async function loader({request, context: {storefront}}: LoaderArgs) { ); } +function xmlEncode(string: string) { + return string.replace(/[&<>'"]/g, (char) => `&#${char.charCodeAt(0)};`); +} + function shopSitemap({ data, baseUrl, @@ -58,7 +62,7 @@ function shopSitemap({ const productsData = flattenConnection(data.products) .filter((product) => product.onlineStoreUrl) .map((product) => { - const url = `${baseUrl}/products/${product.handle}`; + const url = `${baseUrl}/products/${xmlEncode(product.handle)}`; const finalObject: ProductEntry = { url, @@ -68,15 +72,15 @@ function shopSitemap({ if (product.featuredImage?.url) { finalObject.image = { - url: product.featuredImage!.url, + url: xmlEncode(product.featuredImage!.url), }; if (product.title) { - finalObject.image.title = product.title; + finalObject.image.title = xmlEncode(product.title); } if (product.featuredImage!.altText) { - finalObject.image.caption = product.featuredImage!.altText; + finalObject.image.caption = xmlEncode(product.featuredImage!.altText); } } From 74f4795a5174a84e52852002905c5e436ba514fd Mon Sep 17 00:00:00 2001 From: Fran Dios Date: Wed, 8 Mar 2023 19:09:53 +0900 Subject: [PATCH 2/3] Encode XML characters in skeleton sitemap.xml --- templates/skeleton/app/routes/[sitemap.xml].tsx | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/templates/skeleton/app/routes/[sitemap.xml].tsx b/templates/skeleton/app/routes/[sitemap.xml].tsx index d0ed254c5c..0458fa94d7 100644 --- a/templates/skeleton/app/routes/[sitemap.xml].tsx +++ b/templates/skeleton/app/routes/[sitemap.xml].tsx @@ -50,6 +50,10 @@ export async function loader({request, context: {storefront}}: LoaderArgs) { ); } +function xmlEncode(string: string) { + return string.replace(/[&<>'"]/g, (char) => `&#${char.charCodeAt(0)};`); +} + function shopSitemap({ data, baseUrl, @@ -60,7 +64,7 @@ function shopSitemap({ const productsData = flattenConnection(data.products) .filter((product) => product.onlineStoreUrl) .map((product) => { - const url = `${baseUrl}/products/${product.handle}`; + const url = `${baseUrl}/products/${xmlEncode(product.handle)}`; const finalObject: ProductEntry = { url, @@ -70,15 +74,15 @@ function shopSitemap({ if (product.featuredImage?.url) { finalObject.image = { - url: product.featuredImage!.url, + url: xmlEncode(product.featuredImage!.url), }; if (product.title) { - finalObject.image.title = product.title; + finalObject.image.title = xmlEncode(product.title); } if (product.featuredImage!.altText) { - finalObject.image.caption = product.featuredImage!.altText; + finalObject.image.caption = xmlEncode(product.featuredImage!.altText); } } From d612c28ded2f94ad8de2e34ad66c5c6c7d9f42f5 Mon Sep 17 00:00:00 2001 From: Fran Dios Date: Wed, 8 Mar 2023 19:15:17 +0900 Subject: [PATCH 3/3] Remove unnecessary optional chaining and non-null assertion operators --- templates/demo-store/app/routes/[sitemap.xml].tsx | 10 +++++----- templates/skeleton/app/routes/[sitemap.xml].tsx | 12 ++++++------ 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/templates/demo-store/app/routes/[sitemap.xml].tsx b/templates/demo-store/app/routes/[sitemap.xml].tsx index b04812ce4c..ee64674776 100644 --- a/templates/demo-store/app/routes/[sitemap.xml].tsx +++ b/templates/demo-store/app/routes/[sitemap.xml].tsx @@ -66,21 +66,21 @@ function shopSitemap({ const finalObject: ProductEntry = { url, - lastMod: product.updatedAt!, + lastMod: product.updatedAt, changeFreq: 'daily', }; if (product.featuredImage?.url) { finalObject.image = { - url: xmlEncode(product.featuredImage!.url), + url: xmlEncode(product.featuredImage.url), }; if (product.title) { finalObject.image.title = xmlEncode(product.title); } - if (product.featuredImage!.altText) { - finalObject.image.caption = xmlEncode(product.featuredImage!.altText); + if (product.featuredImage.altText) { + finalObject.image.caption = xmlEncode(product.featuredImage.altText); } } @@ -118,7 +118,7 @@ function shopSitemap({ xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:image="http://www.google.com/schemas/sitemap-image/1.1" > - ${urlsDatas.map((url) => renderUrlTag(url!)).join('')} + ${urlsDatas.map((url) => renderUrlTag(url)).join('')} `; } diff --git a/templates/skeleton/app/routes/[sitemap.xml].tsx b/templates/skeleton/app/routes/[sitemap.xml].tsx index 0458fa94d7..4e5125d2b9 100644 --- a/templates/skeleton/app/routes/[sitemap.xml].tsx +++ b/templates/skeleton/app/routes/[sitemap.xml].tsx @@ -29,7 +29,7 @@ export async function loader({request, context: {storefront}}: LoaderArgs) { const data = await storefront.query(SITEMAP_QUERY, { variables: { urlLimits: MAX_URLS, - language: storefront.i18n?.language, + language: storefront.i18n.language, }, }); @@ -68,21 +68,21 @@ function shopSitemap({ const finalObject: ProductEntry = { url, - lastMod: product.updatedAt!, + lastMod: product.updatedAt, changeFreq: 'daily', }; if (product.featuredImage?.url) { finalObject.image = { - url: xmlEncode(product.featuredImage!.url), + url: xmlEncode(product.featuredImage.url), }; if (product.title) { finalObject.image.title = xmlEncode(product.title); } - if (product.featuredImage!.altText) { - finalObject.image.caption = xmlEncode(product.featuredImage!.altText); + if (product.featuredImage.altText) { + finalObject.image.caption = xmlEncode(product.featuredImage.altText); } } @@ -120,7 +120,7 @@ function shopSitemap({ xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:image="http://www.google.com/schemas/sitemap-image/1.1" > - ${urlsDatas.map((url) => renderUrlTag(url!)).join('')} + ${urlsDatas.map((url) => renderUrlTag(url)).join('')} `; }