mirrors/TiddlyWiki5
1
0
Fork 0
mirror of https://github.com/Jermolene/TiddlyWiki5 synced 2026-05-18 19:32:19 +00:00
Code Issues Releases Wiki Activity

Fix security warning from github-advanced-security's CodeQL scan

Browse Source
This commit is contained in:
Jeremy Ruston
2026-04-14 11:37:04 +01:00
parent ca8dcb690a
commit 765386a4f9
1 changed files with 14 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
plugins/tiddlywiki/markdown/yaml.js
+14 -6
View File
@@ -35,12 +35,20 @@ function parseScalar(raw) {
(raw[0] === "'" && raw[raw.length - 1] === "'")) {
var inner = raw.slice(1, -1);
if(raw[0] === '"') {
// Handle basic escape sequences in double-quoted strings
inner = inner.replace(/\\n/g, "\n")
.replace(/\\t/g, "\t")
.replace(/\\r/g, "\r")
.replace(/\\\\/g, "\\")
.replace(/\\"/g, '"');
// Handle basic escape sequences in double-quoted strings.
// Use a single pass so each escape consumes its backslash before
// later replacements can re-interpret it (e.g. "\\n" must become
// backslash + n, not backslash + newline).
inner = inner.replace(/\\(.)/g, function(_, c) {
switch(c) {
case "n": return "\n";
case "t": return "\t";
case "r": return "\r";
case "\\": return "\\";
case '"': return '"';
default: return c;
}
});
}
return inner;
}