From 0562635bfdbffc11d0cda88c99b0cabb736c52ab Mon Sep 17 00:00:00 2001
From: Elmar Ludwig <elmar.ludwig@uni-osnabrueck.de>
Date: Wed, 7 Aug 2024 14:53:15 +0000
Subject: [PATCH] drop broken and insecure custom v-highlightjs attr, fixes
#4437
Closes #4437
Merge request studip/studip!3227
---
.../courseware/blocks/CoursewareCodeBlock.vue | 27 +++----------------
1 file changed, 4 insertions(+), 23 deletions(-)
diff --git a/resources/vue/components/courseware/blocks/CoursewareCodeBlock.vue b/resources/vue/components/courseware/blocks/CoursewareCodeBlock.vue
index 9e5786750c8..a0dd11543b9 100644
--- a/resources/vue/components/courseware/blocks/CoursewareCodeBlock.vue
+++ b/resources/vue/components/courseware/blocks/CoursewareCodeBlock.vue
@@ -10,7 +10,7 @@
@closeEdit="initCurrentData"
>
<template #content>
- <pre v-show="currentContent !== ''" v-highlightjs="currentContent"><code ref="code" :class="[currentLang]"></code></pre>
+ <pre v-show="currentContent !== ''"><code v-html="highlightContent" class="hljs"></code></pre>
<div v-show="currentLang !== ''" class="code-lang">
<span>{{ currentLang }}</span>
</div>
@@ -63,28 +63,9 @@ export default {
lang() {
return this.block?.attributes?.payload?.lang;
},
- },
- directives: {
- highlightjs: {
- deep: true,
- bind(el, binding) {
- let targets = el.querySelectorAll('code');
- targets.forEach((target) => {
- if (binding.value) {
- target.innerHTML = binding.value;
- }
- hljs.highlightBlock(target);
- });
- },
- componentUpdated(el, binding) {
- let targets = el.querySelectorAll('code');
- targets.forEach((target) => {
- if (binding.value) {
- target.innerHTML = binding.value;
- hljs.highlightBlock(target);
- }
- });
- },
+ highlightContent() {
+ let language = this.currentLang !== '' ? [this.currentLang] : null;
+ return hljs.highlightAuto(this.currentContent, language).value;
},
},
mounted() {
--
GitLab