Decode HTML entities in comments, make blockquotes smaller

Flask escapes < > etc, and the markdown parser does not consider > as > aka blockquote. Fixed by decoding HTML source before rendering markdown.
2017-11-10 02:12:08 +02:00 · 2017-11-10 02:12:08 +02:00 · 0b094a7229
parent f6735219f0
commit 0b094a7229
3 changed files with 22 additions and 6 deletions
--- a/nyaa/forms.py
+++ b/nyaa/forms.py
@ -182,7 +182,7 @@ class DisabledSelectField(SelectField):

 class CommentForm(FlaskForm):
    comment = TextAreaField('Make a comment', [
-        Length(min=3, max=1024, message='Comment must be at least %(min)d characters '
+        Length(min=3, max=2048, message='Comment must be at least %(min)d characters '
               'long and %(max)d at most.'),
        DataRequired(message='Comment must not be empty.')
    ])
--- a/nyaa/static/css/main.css
+++ b/nyaa/static/css/main.css
@ -565,3 +565,9 @@ td.report-action-column {
 		width: 400px;
 	}
 }
+
+
+/* Override <blockquote> font size (assume main.css comes after bootstrap) */
+blockquote {
+	font-size: inherit;
+}
--- a/nyaa/static/js/main.js
+++ b/nyaa/static/js/main.js
@ -67,7 +67,7 @@ $(document).ready(function() {
 		$('#torrent_file')[0].files = files;
 		$(this).css({ 'visibility': 'hidden', 'opacity': 0 });
 	});
-	
+
 	// Collapsible file lists
 	$('.torrent-file-list a.folder').click(function(e) {
 		e.preventDefault();
@ -75,6 +75,7 @@ $(document).ready(function() {
 		$(this).next().stop().slideToggle(250);
 	});

+	// Comment editing below
 	$('.edit-comment').click(function(e) {
 		e.preventDefault();
 		$(this).closest('.comment').toggleClass('is-editing');
@ -84,7 +85,7 @@ $(document).ready(function() {
 		var $this = $(this),
 			text = $(this).text(),
 			until = $this.data('until');
-		
+
 		var displayTimeRemaining = function() {
 			var diff = Math.max(0, until - (Date.now() / 1000) | 0),
 				min = Math.floor(diff / 60),
@ -110,7 +111,7 @@ $(document).ready(function() {
 			data: $this.serialize()
 		}).done(function(data) {
 			var $comment = $this.closest('.comment');
-			$comment.find('.comment-content').html(markdown.render(data.comment));		
+			$comment.find('.comment-content').html(markdown.render(data.comment));
 			$comment.toggleClass('is-editing');
 		}).fail(function(xhr) {
 			var error = xhr.responseJSON && xhr.responseJSON.error || 'An unknown error occurred.';
@ -234,15 +235,24 @@ document.addEventListener("DOMContentLoaded", function() {
 	for (var i = 0; i < markdownTargets.length; i++) {
 		var target = markdownTargets[i];
 		var rendered;
+		var markdownSource = htmlDecode(target.innerHTML);
 		if (target.attributes["markdown-text-inline"]) {
-			rendered = markdown.renderInline(target.innerHTML);
+			rendered = markdown.renderInline(markdownSource);
 		} else {
-			rendered = markdown.render(target.innerHTML);
+			rendered = markdown.render(markdownSource);
 		}
 		target.innerHTML = rendered;
 	}
 });

+
+// Decode HTML entities (&gt; etc), used for decoding comment markdown from escaped text
+function htmlDecode(input){
+	var e = document.createElement('div');
+	e.innerHTML = input;
+	return e.childNodes[0].nodeValue;
+}
+
 //
 // This is the unminified version of the theme changer script in the layout.html @ line: 21
 // ===========================================================