diff options
Diffstat (limited to 'markup/highlight')
-rw-r--r-- | markup/highlight/highlight.go | 4 | ||||
-rw-r--r-- | markup/highlight/highlight_test.go | 29 |
2 files changed, 31 insertions, 2 deletions
diff --git a/markup/highlight/highlight.go b/markup/highlight/highlight.go index 9e26aaf84..2bd77af0b 100644 --- a/markup/highlight/highlight.go +++ b/markup/highlight/highlight.go @@ -15,6 +15,7 @@ package highlight import ( "fmt" + gohtml "html" "io" "strings" @@ -63,7 +64,7 @@ func highlight(code, lang string, cfg Config) (string, error) { if lexer == nil { wrapper := getPreWrapper(lang) fmt.Fprint(w, wrapper.Start(true, "")) - fmt.Fprint(w, code) + fmt.Fprint(w, gohtml.EscapeString(code)) fmt.Fprint(w, wrapper.End(true)) return w.String(), nil } @@ -72,6 +73,7 @@ func highlight(code, lang string, cfg Config) (string, error) { if style == nil { style = styles.Fallback } + lexer = chroma.Coalesce(lexer) iterator, err := lexer.Tokenise(nil, code) if err != nil { diff --git a/markup/highlight/highlight_test.go b/markup/highlight/highlight_test.go index 6da292489..308679263 100644 --- a/markup/highlight/highlight_test.go +++ b/markup/highlight/highlight_test.go @@ -29,6 +29,13 @@ LINE3 LINE4 LINE5 ` + coalesceNeeded := `GET /foo HTTP/1.1 +Content-Type: application/json +User-Agent: foo + +{ + "hello": "world" +}` c.Run("Basic", func(c *qt.C) { cfg := DefaultConfig @@ -38,7 +45,7 @@ LINE5 result, _ := h.Highlight(`echo "Hugo Rocks!"`, "bash", "") c.Assert(result, qt.Equals, `<div class="highlight"><pre class="chroma"><code class="language-bash" data-lang="bash"><span class="nb">echo</span> <span class="s2">"Hugo Rocks!"</span></code></pre></div>`) result, _ = h.Highlight(`echo "Hugo Rocks!"`, "unknown", "") - c.Assert(result, qt.Equals, `<pre><code class="language-unknown" data-lang="unknown">echo "Hugo Rocks!"</code></pre>`) + c.Assert(result, qt.Equals, `<pre><code class="language-unknown" data-lang="unknown">echo "Hugo Rocks!"</code></pre>`) }) @@ -106,4 +113,24 @@ LINE5 result, _ := h.Highlight(lines, "", "") c.Assert(result, qt.Contains, "<span class=\"ln\">2</span>LINE2\n<") }) + + c.Run("No language, Escape HTML string", func(c *qt.C) { + cfg := DefaultConfig + cfg.NoClasses = false + h := New(cfg) + + result, _ := h.Highlight("Escaping less-than in code block? <fail>", "", "") + c.Assert(result, qt.Contains, "<fail>") + }) + + c.Run("Highlight lines, default config", func(c *qt.C) { + cfg := DefaultConfig + cfg.NoClasses = false + h := New(cfg) + + result, _ := h.Highlight(coalesceNeeded, "http", "linenos=true,hl_lines=2") + c.Assert(result, qt.Contains, "hello") + c.Assert(result, qt.Contains, "}") + }) + } |