diff options
| author | mayx <mayx@outlook.com> | 2025-04-08 16:12:54 +0200 |
|---|---|---|
| committer | mayx <mayx@outlook.com> | 2025-04-08 16:12:54 +0200 |
| commit | 9170efdaa394de637bf1887f7f8c5ae4c449e512 (patch) | |
| tree | c5e1b57db00dfceb028522ebe709ae0c9479f76a /js | |
| parent | d3eefbba2defb57e54502651ab9e9220e78ab36a (diff) | |
Update 7 files
- /_includes/word_count.html
- /_config.yml
- /_layouts/default.html
- /Gemfile
- /js/rss-feed-preview.js
- /_posts/2025-04-08-feed.md
- /links.md
Diffstat (limited to 'js')
| -rw-r--r-- | js/rss-feed-preview.js | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/js/rss-feed-preview.js b/js/rss-feed-preview.js index 8d74709..2929622 100644 --- a/js/rss-feed-preview.js +++ b/js/rss-feed-preview.js @@ -90,6 +90,17 @@ return null; }; + const escapeHTML = (str) => { + return String(str).replace(/[&<>"'/]/g, (c) => ({ + '&': '&', + '<': '<', + '>': '>', + '"': '"', + "'": ''', + '/': '/' + }[c])); + }; + const renderFeedItems = (previewEl, items, siteName) => { if (!items || items.length === 0) { previewEl.innerHTML = '<p>No feed items found.</p>'; @@ -99,13 +110,15 @@ let html = `<h3>Latest from ${siteName}</h3><ul style="list-style: none; padding: 0; margin: 0;">`; items.forEach(item => { + const safeTitle = escapeHTML(item.title); + const safeDate = escapeHTML(new Date(item.date).toLocaleDateString()); html += ` <li style="margin-bottom: 10px; padding-bottom: 10px; border-bottom: 1px solid #eee;"> <div style="color: #24292e; font-weight: bold;"> - ${item.title} + ${safeTitle} </div> <div style="color: #586069; font-size: 12px; margin: 3px 0;"> - ${new Date(item.date).toLocaleDateString()} + ${safeDate} </div> </li> `; |