Skip to content

Commit

Permalink
Don't escape entities inside CDATA (#193)
Browse files Browse the repository at this point in the history
  • Loading branch information
@akirk
akirk authored Oct 26, 2022
1 parent 3230fab commit d239ea7
Show file tree
Hide file tree
Showing 14 changed files with 78 additions and 61 deletions.
10 changes: 5 additions & 5 deletions resources/views/atom.blade.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
@if($key === 'link')
<{{ $key }} href="{{ url($metaItem) }}" rel="self"></{{ $key }}>
@elseif($key === 'title')
<{{ $key }}><![CDATA[{{ $metaItem }}]]></{{ $key }}>
<{{ $key }}>{!! \Spatie\Feed\Helpers\Cdata::out($metaItem) !!}</{{ $key }}>
@elseif($key === 'description')
<subtitle>{{ $metaItem }}</subtitle>
@elseif($key === 'language')
Expand All @@ -23,18 +23,18 @@
@endforeach
@foreach($items as $item)
<entry>
<title><![CDATA[{{ $item->title }}]]></title>
<title>{!! \Spatie\Feed\Helpers\Cdata::out($item->title) !!}</title>
<link rel="alternate" href="{{ url($item->link) }}" />
<id>{{ url($item->id) }}</id>
<author>
<name><![CDATA[{{ $item->authorName }}]]></name>
<name>{!! \Spatie\Feed\Helpers\Cdata::out($item->authorName) !!}</name>
@if(!empty($item->authorEmail))
<email><![CDATA[{{ $item->authorEmail }}]]></email>
<email>{!! \Spatie\Feed\Helpers\Cdata::out($item->authorEmail) !!}</email>

@endif
</author>
<summary type="html">
<![CDATA[{!! $item->summary !!}]]>
{!! \Spatie\Feed\Helpers\Cdata::out($item->summary) !!}
</summary>
@if($item->__isset('enclosure'))
<link href="{{ url($item->enclosure) }}" length="{{ $item->enclosureLength }}" type="{{ $item->enclosureType }}" />
Expand Down
4 changes: 2 additions & 2 deletions resources/views/json.blade.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,13 +18,13 @@
],
"items": [@foreach($items as $item){
"id": "{{ url($item->id) }}",
"title": "{{ $item->title }}",
"title": {!! json_encode($item->title) !!},
"url": "{{ url($item->link) }}",
"content_html": {!! json_encode($item->summary) !!},
"summary": {!! json_encode($item->summary) !!},
"date_published": "{{ $item->timestamp() }}",
"date_modified": "{{ $item->timestamp() }}",
"authors": [{ "name": "{{ $item->authorName }}" }],
"authors": [{ "name": {!! json_encode($item->authorName) !!} }],
@if($item->__isset('image'))
"image": "{{ url($item->image) }}",
@endif
Expand Down
16 changes: 8 additions & 8 deletions resources/views/rss.blade.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,25 +5,25 @@
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<atom:link href="{{ url($meta['link']) }}" rel="self" type="application/rss+xml" />
<title><![CDATA[{{ $meta['title'] }}]]></title>
<link><![CDATA[{{ url($meta['link']) }}]]></link>
<title>{!! \Spatie\Feed\Helpers\Cdata::out($meta['title'] ) !!}</title>
<link>{!! \Spatie\Feed\Helpers\Cdata::out(url($meta['link']) ) !!}</link>
@if(!empty($meta['image']))
<image>
<url>{{ $meta['image'] }}</url>
<title><![CDATA[{{ $meta['title'] }}]]></title>
<link><![CDATA[{{ url($meta['link']) }}]]></link>
<title>{!! \Spatie\Feed\Helpers\Cdata::out($meta['title'] ) !!}</title>
<link>{!! \Spatie\Feed\Helpers\Cdata::out(url($meta['link']) ) !!}</link>
</image>
@endif
<description><![CDATA[{{ $meta['description'] }}]]></description>
<description>{!! \Spatie\Feed\Helpers\Cdata::out($meta['description'] ) !!}</description>
<language>{{ $meta['language'] }}</language>
<pubDate>{{ $meta['updated'] }}</pubDate>

@foreach($items as $item)
<item>
<title><![CDATA[{{ $item->title }}]]></title>
<title>{!! \Spatie\Feed\Helpers\Cdata::out($item->title) !!}</title>
<link>{{ url($item->link) }}</link>
<description><![CDATA[{!! $item->summary !!}]]></description>
<author><![CDATA[{{ $item->authorName }}@if(!empty($item->authorEmail)) <{{ $item->authorEmail }}>@endif]]></author>
<description>{!! \Spatie\Feed\Helpers\Cdata::out($item->summary) !!}</description>
<author>{!! \Spatie\Feed\Helpers\Cdata::out($item->authorName.(empty($item->authorEmail)?'':' <'.$item->authorEmail.'>')) !!}</author>
<guid>{{ url($item->id) }}</guid>
<pubDate>{{ $item->timestamp() }}</pubDate>
@foreach($item->category as $category)
Expand Down
17 changes: 17 additions & 0 deletions src/Helpers/Cdata.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
<?php

namespace Spatie\Feed\Helpers;

class Cdata
{
public static function out( string $data ): string
{
// See https://www.w3.org/TR/REC-xml/#dt-cdsection
$replace = [
'<!CDATA[' => '', // CDATA cannot be nested.
']]>' => ']]&gt;', // CDEnd needs to be escaped.
];
return '<![CDATA[' . str_replace(array_keys($replace), array_values($replace), $data ) . ']]>';
}

}
2 changes: 1 addition & 1 deletion tests/DummyItem.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ public function toFeedItem(): FeedItem
{
return new FeedItem([
'id' => $this->id,
'title' => 'feedItemTitle',
'title' => 'feed<>]]>Item"Title"',
'summary' => 'feedItemSummary',
'enclosure' => 'http://localhost/image1.jpg',
'enclosureLength' => 31300,
Expand Down
10 changes: 5 additions & 5 deletions tests/__snapshots__/FeedTest__all_feed_items_have_expected_data__1.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
<language>en-US</language>
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -25,7 +25,7 @@
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -41,7 +41,7 @@
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -57,7 +57,7 @@
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -73,7 +73,7 @@
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand Down
10 changes: 5 additions & 5 deletions tests/__snapshots__/FeedTest__all_feed_items_have_expected_data__1.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
<subtitle>This is feed 1 from the unit tests</subtitle>
<updated>2015-12-31T22:59:00+00:00</updated>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -23,7 +23,7 @@
<updated>2015-12-31T22:59:00+00:00</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem2" />
<id>http://localhost/2</id>
<author>
Expand All @@ -39,7 +39,7 @@
<updated>2015-12-31T22:58:00+00:00</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem3" />
<id>http://localhost/3</id>
<author>
Expand All @@ -55,7 +55,7 @@
<updated>2015-12-31T22:57:00+00:00</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem4" />
<id>http://localhost/4</id>
<author>
Expand All @@ -71,7 +71,7 @@
<updated>2015-12-31T22:56:00+00:00</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem5" />
<id>http://localhost/5</id>
<author>
Expand Down
10 changes: 5 additions & 5 deletions tests/__snapshots__/FeedTest__all_feed_items_have_expected_data__2.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
<language>en-US</language>
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -25,7 +25,7 @@
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -41,7 +41,7 @@
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -57,7 +57,7 @@
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -73,7 +73,7 @@
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand Down
10 changes: 5 additions & 5 deletions tests/__snapshots__/FeedTest__all_feed_items_have_expected_data__2.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
<subtitle>This is feed 2 from the unit tests</subtitle>
<updated>2015-12-31T22:59:00+00:00</updated>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -23,7 +23,7 @@
<updated>2015-12-31T22:59:00+00:00</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem2" />
<id>http://localhost/2</id>
<author>
Expand All @@ -39,7 +39,7 @@
<updated>2015-12-31T22:58:00+00:00</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem3" />
<id>http://localhost/3</id>
<author>
Expand All @@ -55,7 +55,7 @@
<updated>2015-12-31T22:57:00+00:00</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem4" />
<id>http://localhost/4</id>
<author>
Expand All @@ -71,7 +71,7 @@
<updated>2015-12-31T22:56:00+00:00</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem5" />
<id>http://localhost/5</id>
<author>
Expand Down
10 changes: 5 additions & 5 deletions tests/__snapshots__/FeedTest__all_feed_items_have_expected_data__3.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
<language>en-US</language>
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -25,7 +25,7 @@
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -41,7 +41,7 @@
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -57,7 +57,7 @@
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -73,7 +73,7 @@
<updated>Fri, 01 Jan 2016 00:00:00 +0100</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand Down
10 changes: 5 additions & 5 deletions tests/__snapshots__/FeedTest__all_feed_items_have_expected_data__3.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
<subtitle>This is feed 3 from the unit tests</subtitle>
<updated>2015-12-31T22:59:00+00:00</updated>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem1" />
<id>http://localhost/1</id>
<author>
Expand All @@ -23,7 +23,7 @@
<updated>2015-12-31T22:59:00+00:00</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem2" />
<id>http://localhost/2</id>
<author>
Expand All @@ -39,7 +39,7 @@
<updated>2015-12-31T22:58:00+00:00</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem3" />
<id>http://localhost/3</id>
<author>
Expand All @@ -55,7 +55,7 @@
<updated>2015-12-31T22:57:00+00:00</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem4" />
<id>http://localhost/4</id>
<author>
Expand All @@ -71,7 +71,7 @@
<updated>2015-12-31T22:56:00+00:00</updated>
</entry>
<entry>
<title><![CDATA[feedItemTitle]]></title>
<title><![CDATA[feed<>]]&gt;Item"Title"]]></title>
<link rel="alternate" href="https://localhost/news/testItem5" />
<id>http://localhost/5</id>
<author>
Expand Down
Loading

0 comments on commit d239ea7

Please sign in to comment.