lib/elemHide.js - Issue 30002601: Issue 7284 - Move CSS escaping to createStyleSheet

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Unified Diff: lib/elemHide.js

Issue 30002601: Issue 7284 - Move CSS escaping to createStyleSheet (Closed) Base URL: https://hg.adblockplus.org/adblockpluscore/

Patch Set: Added test Created Feb. 15, 2019, 2:36 p.m.

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: lib/elemHide.js

===================================================================

--- a/lib/elemHide.js

+++ b/lib/elemHide.js

@@ -472,29 +472,41 @@

// this could still lead to some selectors not working on Chromium, but it is

// highly unlikely.

// See issue #6298 and https://crbug.com/804179

for (let i = 0; i < selectors.length; i += selectorGroupSize)

yield selectors.slice(i, i + selectorGroupSize);

}

/**

+ * Escapes curly braces to prevent CSS rule injection.

+ *

+ * @param {string} selector

+ * @returns {string}

+ */

+function escapeSelector(selector)

+ return selector.replace("{", "\\7B ").replace("}", "\\7D ");

+/**

* Creates an element hiding CSS rule for a given list of selectors.

* @param {Array.<string>} selectors

* @returns {string}

function createRule(selectors)

{

let rule = "";

for (let i = 0; i < selectors.length - 1; i++)

- rule += selectors[i] + ", ";

+ rule += escapeSelector(selectors[i]) + ", ";

- rule += selectors[selectors.length - 1] + " {display: none !important;}\n";

+ rule += escapeSelector(selectors[selectors.length - 1]) +

+ " {display: none !important;}\n";

return rule;

}

/**

* Creates an element hiding CSS style sheet from a given list of selectors.

* @param {Array.<string>} selectors

* @returns {string}

« no previous file with comments | « lib/content/elemHideEmulation.js ('k') | lib/filterClasses.js » ('j') | test/elemHide.js » ('J')