Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Qute - escape expressions in html by default
- resolves #6155 - API changes: - introduce TemplateLocator - add Template#getVariant()
- Loading branch information
Showing
24 changed files
with
484 additions
and
56 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
66 changes: 66 additions & 0 deletions
66
extensions/qute/deployment/src/test/java/io/quarkus/qute/deployment/EscapingTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
package io.quarkus.qute.deployment; | ||
|
||
import static org.junit.jupiter.api.Assertions.assertEquals; | ||
|
||
import javax.inject.Inject; | ||
|
||
import org.jboss.shrinkwrap.api.ShrinkWrap; | ||
import org.jboss.shrinkwrap.api.asset.StringAsset; | ||
import org.jboss.shrinkwrap.api.spec.JavaArchive; | ||
import org.junit.jupiter.api.Test; | ||
import org.junit.jupiter.api.extension.RegisterExtension; | ||
|
||
import io.quarkus.qute.RawString; | ||
import io.quarkus.qute.Template; | ||
import io.quarkus.qute.TemplateData; | ||
import io.quarkus.test.QuarkusUnitTest; | ||
|
||
public class EscapingTest { | ||
|
||
@RegisterExtension | ||
static final QuarkusUnitTest config = new QuarkusUnitTest() | ||
.setArchiveProducer(() -> ShrinkWrap.create(JavaArchive.class) | ||
.addClass(Item.class) | ||
.addAsResource(new StringAsset("{text} {other} {text.raw} {text.safe} {item.foo}"), | ||
"templates/foo.html") | ||
.addAsResource(new StringAsset("{item} {item.raw}"), | ||
"templates/item.html") | ||
.addAsResource(new StringAsset("{text} {other} {text.raw} {text.safe} {item.foo}"), | ||
"templates/bar.txt")); | ||
|
||
@Inject | ||
Template foo; | ||
|
||
@Inject | ||
Template bar; | ||
|
||
@Inject | ||
Template item; | ||
|
||
@Test | ||
public void testEscaper() { | ||
assertEquals("<div> &"' <div> <div> <span>", | ||
foo.data("text", "<div>").data("other", "&\"'").data("item", new Item()).render()); | ||
// No escaping for txt templates | ||
assertEquals("<div> &\"' <div> <div> <span>", | ||
bar.data("text", "<div>").data("other", "&\"'").data("item", new Item()).render()); | ||
// Item.toString() is escaped too | ||
assertEquals("<h1>Item</h1> <h1>Item</h1>", | ||
item.data("item", new Item()).render()); | ||
} | ||
|
||
@TemplateData | ||
public static class Item { | ||
|
||
public RawString getFoo() { | ||
return new RawString("<span>"); | ||
} | ||
|
||
@Override | ||
public String toString() { | ||
return "<h1>Item</h1>"; | ||
} | ||
|
||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1 change: 1 addition & 0 deletions
1
extensions/qute/runtime/src/main/java/io/quarkus/qute/api/VariantTemplate.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,7 @@ | ||
package io.quarkus.qute.api; | ||
|
||
import io.quarkus.qute.Template; | ||
import io.quarkus.qute.Variant; | ||
|
||
/** | ||
* | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.