Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] feat/489: Add Rewrite Tone feature #803

Draft
wants to merge 7 commits into
base: develop
Choose a base branch
from
Draft

[WIP] feat/489: Add Rewrite Tone feature #803

wants to merge 7 commits into from

Conversation

Sidsector9
Copy link
Member

Description of the Change

Closes #

How to test the Change

Changelog Entry

Added - New feature
Changed - Existing functionality
Deprecated - Soon-to-be removed feature
Removed - Feature
Fixed - Bug fix
Security - Vulnerability
Developer - Non-functional update

Credits

Props @username, @username2, ...

Checklist:

@Sidsector9 Sidsector9 self-assigned this Sep 16, 2024
@github-actions github-actions bot added this to the 3.2.0 milestone Sep 16, 2024
@github-actions github-actions bot added the needs:refresh This requires a refreshed PR to resolve. label Sep 26, 2024
@github-actions github-actions bot removed the needs:refresh This requires a refreshed PR to resolve. label Sep 28, 2024
github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 28, 2024
View reviewed changes
src/js/features/rewrite-tone/index.js
blocks.map( ( { clientId, content } ) => {
return {
clientId,
content: content.replace( /<!--[\s\S]*?-->/g, '' ),

Check failure

Code scanning / CodeQL

Incomplete multi-character sanitization High

This string may still contain
<!--
Loading
, which may cause an HTML element injection vulnerability.

Copilot Autofix AI about 2 months ago

To fix the problem, we need to ensure that all instances of the targeted pattern are removed, even if they are nested or malformed. One effective way to achieve this is to apply the regular expression replacement repeatedly until no more replacements can be performed. This approach ensures that all occurrences of the pattern are removed, leaving no unsafe content behind.

We will modify the removeDelimiters function to repeatedly apply the regular expression replacement until the content no longer changes. This will ensure that all HTML comment delimiters are removed from the content.

Suggested changeset 1
src/js/features/rewrite-tone/index.js

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/js/features/rewrite-tone/index.js b/src/js/features/rewrite-tone/index.js
--- a/src/js/features/rewrite-tone/index.js
+++ b/src/js/features/rewrite-tone/index.js
@@ -203,5 +203,10 @@
 		blocks.map( ( { clientId, content } ) => {
+			let previous;
+			do {
+				previous = content;
+				content = content.replace( /<!--[\s\S]*?-->/g, '' );
+			} while (content !== previous);
 			return {
 				clientId,
-				content: content.replace( /<!--[\s\S]*?-->/g, '' ),
+				content,
 			};
EOF
@@ -203,5 +203,10 @@
blocks.map( ( { clientId, content } ) => {
let previous;
do {
previous = content;
content = content.replace( /<!--[\s\S]*?-->/g, '' );
} while (content !== previous);
return {
clientId,
content: content.replace( /<!--[\s\S]*?-->/g, '' ),
content,
};
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dkotter dkotter Awaiting requested review from dkotter dkotter will be requested when the pull request is marked ready for review dkotter is a code owner

@jeffpaul jeffpaul Awaiting requested review from jeffpaul jeffpaul will be requested when the pull request is marked ready for review jeffpaul is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@Sidsector9 Sidsector9

Labels
None yet
Projects
None yet
Milestone
3.2.0
Development

Successfully merging this pull request may close these issues.
1 participant
@Sidsector9