~sotirisp/qute-gemini

c0b00acfd4aec53ce4475ef801a118637b7aa62b — Sotiris Papatheodorou 9 months ago 4ae25c0
Fix HTML tags in gemtext not being escaped
2 files changed, 8 insertions(+), 10 deletions(-)

M README.md
M qute-gemini
M README.md => README.md +0 -5
@@ 34,11 34,6 @@ to ensure that everything works.

- Userscript limitations
    - Only `text/gemini` content is shown.
    - The Gemini to HTML conversion has several bugs. A notable example is HTML
      tags in the Gemini text, such as in section 5.5.1
      [here](gemini://gemini.circumlunar.space/docs/specification.gmi). No code
      tags are put around them when converting to HTML, so they end up being
      interpreted as HTML tags by qutebrowser.
    - Probably tons of usability issues.
- Qutebrowser limitations
    - Opening `gemini://` URLs by clicking on them does not work, only opening

M qute-gemini => qute-gemini +8 -5
@@ 8,6 8,7 @@
# SPDX-License-Identifier: GPL-3.0-or-later

import cgi
import html
import os
import socket
import ssl


@@ 133,6 134,8 @@ def gemtext_to_html(gemtext: str, title: str, url: str) -> str:
            # Use the URL itself as the description if there is none
            if len(l) == 1:
                l.append(l[0])
            # Encode the link description
            l[1] = html.escape(l[1])
            # Resolve relative URLs
            l[0] = gemini_absolutise_url(url, l[0])
            lines.append("".join(['\t\t<p><a href="', l[0], '">', l[1], "</a></p>"]))


@@ 148,23 151,23 @@ def gemtext_to_html(gemtext: str, title: str, url: str) -> str:
            lines.append(line)
        # Header
        elif line.startswith("###"):
            lines.append("\t\t<h3>" + line[3:].strip() + "</h3>")
            lines.append("\t\t<h3>" + html.escape(line[3:].strip()) + "</h3>")
        elif line.startswith("##"):
            lines.append("\t\t<h2>" + line[2:].strip() + "</h2>")
            lines.append("\t\t<h2>" + html.escape(line[2:].strip()) + "</h2>")
        elif line.startswith("#"):
            lines.append("\t\t<h1>" + line[1:].strip() + "</h1>")
            lines.append("\t\t<h1>" + html.escape(line[1:].strip()) + "</h1>")
        # List
        elif line.startswith("*"):
            if not in_list:
                lines.append("\t\t<ul>")
            in_list = True
            lines.append("\t\t\t<li>" + line[1:].strip() + "</li>")
            lines.append("\t\t\t<li>" + html.escape(line[1:].strip()) + "</li>")
        # Quote
        elif line.startswith(">"):
            lines.append("\t\t<blockquote>\n\t\t\t<p>" + line[1:].strip() + "</p>\n\t\t</blockquote>")
        # Normal text
        else:
            lines.append("\t\t<p>" + line.strip() + "</p>")
            lines.append("\t\t<p>" + html.escape(line.strip()) + "</p>")
    lines.append("")
    lines.append("\t</body>\n")
    lines.append("</html>")