Update search.js to fix escaping problem #889

Merged
merged 1 commit into from
Dec 9, 2024
41 changes: 13 additions & 28 deletions assets/js/search.js
@@ -5,15 +5,13 @@ layout: none
function displaySearchResults(results, store) {
var searchResults = document.getElementById('search-results');

if (results.length) { // Are there any results?
if (results.length) {
var appendString = '';

for (var i = 0; i < results.length; i++) { // Iterate over the results
for (var i = 0; i < results.length; i++) {
var item = store[results[i].ref];
appendString += '<li><a href="' + item.url + '"><h3>' + item.title + '</h3></a>';
appendString += '<p>' + item.content.substring(0, 150) + '...</p></li>';
}

searchResults.innerHTML = appendString;
} else {
searchResults.innerHTML = '<li>No results found</li>';
@@ -26,17 +24,16 @@ layout: none

for (var i = 0; i < vars.length; i++) {
var pair = vars[i].split('=');

if (pair[0] === variable) {
return decodeURIComponent(pair[1].replace(/\+/g, '%20'));
}
}
}

store = {
var store = {
{% for post in site.posts %}
"{{ post.url | slugify }}": {
"id" : "{{ post.url | slugify }}",
"id": "{{ post.url | slugify }}",
"title": "{{ post.title | xml_escape }}",
"author": "{{ post.author | xml_escape }}",
"category": "{{ post.category | xml_escape }}",
@@ -46,7 +43,7 @@ layout: none
{% endfor %}
{% for post in site.cases %}
"{{ post.url | slugify }}": {
"id" : "{{ post.url | slugify }}",
"id": "{{ post.url | slugify }}",
"title": "{{ post.title | xml_escape }}",
"author": "{{ post.author | xml_escape }}",
"category": "{{ post.category | xml_escape }}",
@@ -57,11 +54,12 @@ layout: none
{% for year in site.data.cves %}
{%- for cve in year[1] -%}
{% assign cveId = cve[0] -%}
{% assign descriptions = cve[1]["containers"]["cna"]["descriptions"] | where: "lang", "en" | map: "value" %}
"{{ cve[0] }}": {
"id" : "{{ cve[0] }}",
"title": "{{ cve[1]["containers"]["cna"]["title"] }}",
"id": "{{ cve[0] }}",
"title": {{ cve[1]["containers"]["cna"]["title"] | jsonify }},
"category": "cve",
"content": "{{ cve[1]["containers"]["cna"]["descriptions"] | where: "lang", "en" | map: "value" }}",
"content": {{ descriptions | join: " " | jsonify }},
"url": "/cves/{{ cve[0] }}"
}
{%- unless forloop.last -%},{%- endunless %}
@@ -73,8 +71,6 @@ layout: none
if (searchTerm) {
document.getElementById('search-box').setAttribute("value", searchTerm);

// Initalize lunr with the fields it will be searching on. I've given title
// a boost of 10 to indicate matches on this field are more important.
var idx = lunr(function () {
this.field('id');
this.field('title', { boost: 10 });
@@ -83,22 +79,11 @@ layout: none
this.field('content');

for(var id in store) {
this.add(store[id])
this.add(store[id]);
}
});

/*
for (var key in store) { // Add the data to lunr
idx.add({
'id': key,
'title': window.store[key].title,
'author': window.store[key].author,
'category': window.store[key].category,
'content': window.store[key].content
});
*/

var results = idx.search(searchTerm); // Get lunr to perform a search
displaySearchResults(results, store); // We'll write this in the next section
var results = idx.search(searchTerm);
displaySearchResults(results, store);
}
})();
})();
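Review bot: The CVE `title` and `content` values now reach the store as raw strings through `jsonify`, but `displaySearchResults` in the first hunk still concatenates `item.title` and `item.content` into markup and assigns it to `innerHTML`, so any `<`, `>` or `&` in a CVE record is parsed as HTML on the results page. The post and case `title`, `author` and `category` fields avoid this by applying `xml_escape` in the template, and the CVE entries should match: `"title": {{ cve[1]["containers"]["cna"]["title"] | xml_escape | jsonify }},` and `"content": {{ descriptions | join: " " | xml_escape | jsonify }},`. CVE descriptions often quote markup verbatim and presumably originate outside this repository, so they are best treated as untrusted input at this sink. A more durable alternative is to build the `<li>` nodes with `createElement` and `textContent` inside `displaySearchResults` (its body ends outside the visible hunk), at which point the store could hold unescaped text for every entry type.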