dan
/
jekyll
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improve regex usage in `Tags::IncludeTag` (#6848) 

Merge pull request 6848
This commit is contained in:
ashmaroli 2018-03-21 20:06:06 +05:30 committed by jekyllbot
parent 603d513643
commit 7317627b97
2 changed files with 32 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
features/include_tag.feature
View File

@ -104,3 +104,28 @@ Feature: Include tags
Then I should get a zero exit status Then I should get a zero exit status
And the _site directory should exist And the _site directory should exist
And I should see "include" in "_site/index.html" And I should see "include" in "_site/index.html"
Scenario: Include a file-path with non-alphanumeric character sequences
Given I have an _includes directory
And I have an "_includes/header-en.html" file that contains "include"
And I have an "index.html" page that contains "{% include ./header-en.html %}"
When I run jekyll build
Then I should get a non-zero exit status
And I should see "Invalid syntax for include tag." in the build output
When I have an "index.html" page that contains "{% include foo/.header-en.html %}"
When I run jekyll build
Then I should get a non-zero exit status
And I should see "Invalid syntax for include tag." in the build output
When I have an "index.html" page that contains "{% include //header-en.html %}"
When I run jekyll build
Then I should get a non-zero exit status
And I should see "Invalid syntax for include tag." in the build output
When I have an "index.html" page that contains "{% include ..header-en.html %}"
When I run jekyll build
Then I should get a non-zero exit status
And I should see "Invalid syntax for include tag." in the build output
When I have an "index.html" page that contains "{% include header-en.html %}"
When I run jekyll build
Then I should get a zero exit status
And the _site directory should exist
And I should see "include" in "_site/index.html"

11
lib/jekyll/tags/include.rb
View File

@ -21,6 +21,10 @@ module Jekyll
(?<params>.*) (?<params>.*)
!x !x
FULL_VALID_SYNTAX = %r!\A\s*(?:#{VALID_SYNTAX}(?=\s|\z)\s*)*\z!
VALID_FILENAME_CHARS = %r!^[\w/\.-]+$!
INVALID_SEQUENCES = %r![./]{2,}!
def initialize(tag_name, markup, tokens) def initialize(tag_name, markup, tokens)
super super
matched = markup.strip.match(VARIABLE_SYNTAX) matched = markup.strip.match(VARIABLE_SYNTAX)
@ -59,7 +63,7 @@ module Jekyll
end end
def validate_file_name(file) def validate_file_name(file)
if file !~ %r!^[a-zA-Z0-9_/\.-]+$! || file =~ %r!\./! || file =~ %r!/\.! if file =~ INVALID_SEQUENCES || file !~ VALID_FILENAME_CHARS
raise ArgumentError, <<-MSG raise ArgumentError, <<-MSG
Invalid syntax for include tag. File contains invalid characters or sequences: Invalid syntax for include tag. File contains invalid characters or sequences:
@ -74,8 +78,7 @@ MSG
end end
def validate_params def validate_params
full_valid_syntax = %r!\A\s*(?:#{VALID_SYNTAX}(?=\s|\z)\s*)*\z! unless @params =~ FULL_VALID_SYNTAX
unless @params =~ full_valid_syntax
raise ArgumentError, <<-MSG raise ArgumentError, <<-MSG
Invalid syntax for include tag: Invalid syntax for include tag:
@ -96,7 +99,7 @@ MSG
# Render the variable if required # Render the variable if required
def render_variable(context) def render_variable(context)
if @file.match(VARIABLE_SYNTAX) if @file =~ VARIABLE_SYNTAX
partial = context.registers[:site] partial = context.registers[:site]
.liquid_renderer .liquid_renderer
.file("(variable)") .file("(variable)")