Make sure non-highlighted diffs are still escaped

150b4f66 · Douwe Maan · 3f7993b5 · 150b4f66 · 150b4f66 · 150b4f66
Commit 150b4f66 authored 9 years ago by Douwe Maan
--- a/app/controllers/projects/blob_controller.rb
+++ b/app/controllers/projects/blob_controller.rb
@@ -52,7 +52,9 @@ class Projects::BlobController < Projects::ApplicationController
  def preview
    @content = params[:content]
    diffy = Diffy::Diff.new(@blob.data, @content, diff: '-U 3', include_diff_info: true)
-    @diff_lines = Gitlab::Diff::Parser.new.parse(diffy.diff.scan(/.*\n/))
+    diff_lines = diffy.diff.scan(/.*\n/)[2..-1]
+    diff_lines = Gitlab::Diff::Parser.new.parse(diff_lines)
+    @diff_lines = Gitlab::Diff::Highlight.new(diff_lines).highlight
  
    render layout: false
  end

--- a/app/models/note.rb
+++ b/app/models/note.rb
@@ -244,7 +244,7 @@ class Note < ActiveRecord::Base
    prev_match_line = nil
    prev_lines = []
  
-    diff_lines.each do |line|
+    highlighted_diff_lines.each do |line|
      if line.type == "match"
        prev_lines.clear
        prev_match_line = line
@@ -261,7 +261,11 @@ class Note < ActiveRecord::Base
  end
  
  def diff_lines
-    @diff_lines ||= Gitlab::Diff::Parser.new.parse(diff.diff.lines.to_a)
+    @diff_lines ||= Gitlab::Diff::Parser.new.parse(diff.diff.lines)
+  end
+
+  def highlighted_diff_lines
+    Gitlab::Diff::Highlight.new(diff_lines).highlight
  end
  
  def discussion_id

--- a/lib/gitlab/diff/highlight.rb
+++ b/lib/gitlab/diff/highlight.rb
 module Gitlab
  module Diff
    class Highlight
-      attr_reader :diff_file
+      attr_reader :diff_file, :diff_lines, :raw_lines
  
      delegate :old_path, :new_path, :old_ref, :new_ref, to: :diff_file, prefix: :diff
  
-      def initialize(diff_file)
-        @diff_file = diff_file
-        @diff_lines = diff_file.diff_lines
+      def initialize(diff_lines)
+        if diff_lines.is_a?(Gitlab::Diff::File)
+          @diff_file = diff_file
+          @diff_lines = diff_file.diff_lines
+        else
+          @diff_lines = diff_lines
+        end
        @raw_lines = @diff_lines.map(&:text)
      end
  
@@ -31,7 +35,7 @@ module Gitlab
      private
  
      def highlight_line(diff_line, index)
-        return html_escape(diff_line.text) unless diff_file.diff_refs
+        return html_escape(diff_line.text) unless diff_file && diff_file.diff_refs
  
        line_prefix = diff_line.text.match(/\A(.)/) ? $1 : ' '
  
@@ -52,10 +56,12 @@ module Gitlab
      end
  
      def old_lines
+        return unless diff_file
        @old_lines ||= Gitlab::Highlight.highlight_lines(*processing_args(:old))
      end
  
      def new_lines
+        return unless diff_file
        @new_lines ||= Gitlab::Highlight.highlight_lines(*processing_args(:new))
      end