Fix HTML escaping

This commit is contained in:
Astra 2026-03-13 14:31:54 +00:00
parent 2675ce1ea0
commit e2faeaac75
2 changed files with 14 additions and 22 deletions


@ -3,6 +3,7 @@ package bsky
import (
"encoding/json"
"fmt"
"html"
"sort"
"strings"
"time"
@ -329,7 +330,7 @@ func (post *Post) ProcessFacets(aliases []Records) string {
}
if post.Facets == nil {
return post.Text
return html.EscapeString(post.Text)
}
sort.Slice((*post.Facets), func(i, j int) bool {
@ -338,18 +339,18 @@ func (post *Post) ProcessFacets(aliases []Records) string {
var result strings.Builder
lastIndex := 0
// post.Text = html.EscapeString(post.Text)
for _, facet := range *post.Facets {
start := facet.Index.ByteStart
end := facet.Index.ByteEnd
result.WriteString(post.Text[lastIndex:start])
// Escape HTML in plain text portions
result.WriteString(html.EscapeString(post.Text[lastIndex:start]))
for _, feature := range *facet.Features {
switch feature.Type {
case "app.bsky.richtext.facet#mention":
link := fmt.Sprintf(`<a href="https://bsky.app/profile/%s">%s</a>`, feature.Did, post.Text[start:end])
link := fmt.Sprintf(`<a href="https://bsky.app/profile/%s">%s</a>`, feature.Did, html.EscapeString(post.Text[start:end]))
for _, alias := range aliases {
if alias.Value.Subject == feature.Did {
link = fmt.Sprintf(`<a href="%s">%s</a>`,
@ -358,18 +359,19 @@ func (post *Post) ProcessFacets(aliases []Records) string {
}
result.WriteString(link)
case "app.bsky.richtext.facet#link":
link := fmt.Sprintf(`<a href="%s">%s</a>`, feature.URI, post.Text[start:end])
link := fmt.Sprintf(`<a href="%s">%s</a>`, feature.URI, html.EscapeString(post.Text[start:end]))
result.WriteString(link)
case "app.bsky.richtext.facet#tag":
link := fmt.Sprintf(`<a href="https://bsky.app/hashtag/%s">%s</a>`, feature.Tag, post.Text[start:end])
link := fmt.Sprintf(`<a href="https://bsky.app/hashtag/%s">%s</a>`, feature.Tag, html.EscapeString(post.Text[start:end]))
result.WriteString(link)
default:
result.WriteString(post.Text[start:end])
result.WriteString(html.EscapeString(post.Text[start:end]))
}
}
lastIndex = end
}
result.WriteString(post.Text[lastIndex:])
// Escape HTML in the final plain text portion
result.WriteString(html.EscapeString(post.Text[lastIndex:]))
return result.String()
}
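Review bot: The href attributes are still built from `feature.URI` (the `#link` case), `feature.Tag` (the `#tag` case) and `feature.Did` (the mention case in the previous hunk) without any escaping, so the commit only covers the visible text: a facet value containing `"` breaks out of the attribute, and a `javascript:` URI is emitted as-is. Run the DID and tag through `url.PathEscape` (it leaves the colons of a `did:plc:` identifier intact), and for the `#link` case accept only http(s) after `url.Parse`, falling back to plain escaped text otherwise; this needs `net/url` added to the import block in the first hunk. The alias branch (`link = fmt.Sprintf(`<a href="%s">%s</a>`,`) continues outside the hunk, so whether its arguments are escaped cannot be confirmed here. The commented-out `// post.Text = html.EscapeString(post.Text)` after `lastIndex := 0` should be removed or replaced with a why-comment such as `// Escape per segment: ByteStart/ByteEnd index the raw text, so escaping post.Text up front would shift the offsets.` — that offset reasoning is inferred from the code, not stated in it.
```go
case "app.bsky.richtext.facet#mention":
	link := fmt.Sprintf(`<a href="https://bsky.app/profile/%s">%s</a>`, url.PathEscape(feature.Did), html.EscapeString(post.Text[start:end]))
	// … unchanged: alias lookup and result.WriteString(link) …
case "app.bsky.richtext.facet#link":
	// Only emit http(s) targets; anything else (javascript:, data:, unparsable) is rendered as plain text.
	text := html.EscapeString(post.Text[start:end])
	if u, err := url.Parse(feature.URI); err == nil && (u.Scheme == "http" || u.Scheme == "https") {
		result.WriteString(fmt.Sprintf(`<a href="%s">%s</a>`, html.EscapeString(u.String()), text))
	} else {
		result.WriteString(text)
	}
case "app.bsky.richtext.facet#tag":
	link := fmt.Sprintf(`<a href="https://bsky.app/hashtag/%s">%s</a>`, url.PathEscape(feature.Tag), html.EscapeString(post.Text[start:end]))
	result.WriteString(link)
// … unchanged: default case, lastIndex update, trailing text …
```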