Don't return a SafeString after truncate

parent d0313756
# 0.7.4.1
Fixes a possible cross-site scripting issue with maliciously crafted OpenGraph metadata.
# 0.7.4.0 # 0.7.4.0
## Refactor ## Refactor
......
(function() { (function() {
app.helpers.truncate = function(passedString, length) { app.helpers.truncate = function(passedString, length) {
if (passedString === null || passedString === undefined) { if (passedString === null || passedString === undefined || passedString.length < length) {
return passedString; return passedString;
} }
if (passedString.length > length) { var lastBlank = passedString.lastIndexOf(" ", length);
var lastBlank = passedString.lastIndexOf(' ', length); var trimstring = passedString.substring(0, Math.min(length, lastBlank));
var trimstring = passedString.substring(0, Math.min(length, lastBlank)); return trimstring + " ...";
return new Handlebars.SafeString(trimstring + " ...");
}
return new Handlebars.SafeString(passedString);
}; };
})(); })();
...@@ -6,4 +6,16 @@ describe("app.helpers.truncate", function() { ...@@ -6,4 +6,16 @@ describe("app.helpers.truncate", function() {
it("handles undefined", function() { it("handles undefined", function() {
expect(app.helpers.truncate(undefined, 123)).toEqual(undefined); expect(app.helpers.truncate(undefined, 123)).toEqual(undefined);
}); });
it("returns a short string", function() {
expect(app.helpers.truncate("Some text", 10)).toEqual("Some text");
});
it("trims a long string at a space", function() {
expect(app.helpers.truncate("Some very long text", 10)).toEqual("Some very ...");
});
it("returns a string", function() {
expect(typeof app.helpers.truncate("Some very long text", 10)).toEqual("string");
});
}); });
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment