Permalink
Browse files

XHTML escaping per DEEO

  • Loading branch information...
1 parent d63d1ff commit 8510e59fbcb8f94dcf6bbfc5eb0b97fc578e7bab @darkwing committed Feb 18, 2010
Showing with 8 additions and 6 deletions.
  1. +1 −1 Source/Tweetify-yui-compressed.js
  2. +6 −4 Source/Tweetify.js
  3. +1 −1 package.yml
@@ -17,4 +17,4 @@ provides:
- String.tweetify
...
*/
-(function(){var a=function(){return this.replace(/(https?:\/\/\S+)/gi,'<a href="$1">$1</a>').replace(/\B@(\w+)([^\/]\W)/g,'<a href="http://twitter.com/$1" class="twitterUser">@$1</a>$2').replace(/\B@(\w+)\/(\w+)/g,'<a href="http://twitter.com/$1/$2" class="twitterList">@$1/$2</a>').replace(/\B#(\w+)/g,'<a href="http://search.twitter.com/search?q=%23$1" class="twitterTag">#$1</a>');};String.implement({toTweet:a});String.alias("toTweet","tweetify");Element.implement({tweetify:function(){this.set("html",this.get("text").tweetify());}});})();
+(function(){var a=function(){return this.replace(/&/g,"&amp;").replace(/</g,"&lt;").replace(/>/g,"&gt;").replace(/(https?:\/\/\S+)/gi,'<a href="$1">$1</a>').replace(/\B@(\w+)([^\/]\W)/g,'<a href="http://twitter.com/$1" class="twitterUser">@$1</a>$2').replace(/\B@(\w+)\/(\w+)/g,'<a href="http://twitter.com/$1/$2" class="twitterList">@$1/$2</a>').replace(/\B#(\w+)/g,'<a href="http://search.twitter.com/search?q=%23$1" class="twitterTag">#$1</a>');};String.implement({toTweet:a});String.alias("toTweet","tweetify");Element.implement({tweetify:function(){this.set("html",this.get("text").tweetify());}});})();
View
@@ -19,10 +19,12 @@ provides:
*/
(function() {
var fn = function() {
- return this.replace(/(https?:\/\/\S+)/gi, '<a href="$1">$1</a>')
- .replace(/\B@(\w+)([^\/]\W)/g, '<a href="http://twitter.com/$1" class="twitterUser">@$1</a>$2') //users, but not lists
- .replace(/\B@(\w+)\/(\w+)/g, '<a href="http://twitter.com/$1/$2" class="twitterList">@$1/$2</a>') //lists
- .replace(/\B#(\w+)/g,'<a href="http://search.twitter.com/search?q=%23$1" class="twitterTag">#$1</a>'); //tags
+ return this.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;') //no more html injection
+ .replace(/(https?:\/\/\S+)/gi, '<a href="$1">$1</a>') //generic links
+ .replace(/\B@(\w+)([^\/]\W)/g, '<a href="http://twitter.com/$1" class="twitterUser">@$1</a>$2') //users, but not lists
+ .replace(/\B@(\w+)\/(\w+)/g, '<a href="http://twitter.com/$1/$2" class="twitterList">@$1/$2</a>') //lists
+ .replace(/\B#(\w+)/g,'<a href="http://search.twitter.com/search?q=%23$1" class="twitterTag">#$1</a>'); //tags
+
};
String.implement({
View
@@ -1,6 +1,6 @@
name: Tweetify
author: davidwalsh
-current: 0.6
+current: 0.61
category: Utilities
tags: [Twitter,Element]
docs: http://davidwalsh.name/tweetify

0 comments on commit 8510e59

Please sign in to comment.