Fixes issue with HTML entities

Mailtrain-org · Mar 19, 2017 · 9d5fb81 · witzig · Apr 5, 2017 · 9d5fb81
1 parent d2b0a61
commit 9d5fb81
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 12 deletions.
diff --git a/lib/tools.js b/lib/tools.js
@@ -6,6 +6,7 @@ let Isemail = require('isemail');
 let urllib = require('url');
 let juice = require('juice');
 let jsdom = require('jsdom');
+let he = require('he');
 let _ = require('./translate')._;
 let util = require('util');
 
@@ -169,7 +170,7 @@ function getMessageLinks(serviceUrl, campaign, list, subscription) {
     };
 }
 
-function formatMessage(serviceUrl, campaign, list, subscription, message, filter) {
+function formatMessage(serviceUrl, campaign, list, subscription, message, filter, isHTML) {
     filter = typeof filter === 'function' ? filter : (str => str);
 
     let links = getMessageLinks(serviceUrl, campaign, list, subscription);
@@ -180,7 +181,9 @@ function formatMessage(serviceUrl, campaign, list, subscription, message, filter
             return links[key];
         }
         if (subscription.mergeTags.hasOwnProperty(key)) {
-            return subscription.mergeTags[key];
+            return isHTML ? he.encode(subscription.mergeTags[key], {
+                useNamedReferences: true
+            }) : subscription.mergeTags[key];
         }
         return false;
     };

diff --git a/package.json b/package.json
@@ -35,7 +35,7 @@
   },
   "dependencies": {
     "async": "^2.1.5",
-    "aws-sdk": "^2.24.0",
+    "aws-sdk": "^2.28.0",
     "bcrypt-nodejs": "0.0.3",
     "body-parser": "^1.17.1",
     "bounce-handler": "^7.3.2-fork.2",
@@ -64,7 +64,7 @@
     "is-url": "^1.2.2",
     "isemail": "^2.2.1",
     "jquery-file-upload-middleware": "^0.1.8",
-    "jsdom": "^9.11.0",
+    "jsdom": "^9.12.0",
     "juice": "^4.0.2",
     "libmime": "^3.1.0",
     "marked": "^0.3.6",
@@ -75,22 +75,22 @@
     "multer": "^1.3.0",
     "multiparty": "^4.1.3",
     "mysql": "^2.13.0",
-    "node-gettext": "^2.0.0-rc.0",
+    "node-gettext": "^2.0.0-rc.1",
     "node-mocks-http": "^1.6.1",
-    "nodemailer": "^3.1.5",
+    "nodemailer": "^3.1.7",
     "nodemailer-openpgp": "^1.0.2",
     "npmlog": "^4.0.2",
-    "openpgp": "^2.4.0",
+    "openpgp": "^2.5.1",
     "passport": "^0.3.2",
     "passport-local": "^1.0.0",
     "premailer-api": "^1.0.4",
     "redfour": "^1.0.0",
-    "redis": "^2.6.5",
-    "request": "^2.80.0",
+    "redis": "^2.7.1",
+    "request": "^2.81.0",
     "serve-favicon": "^2.4.1",
     "shortid": "^2.2.8",
     "slugify": "^1.1.0",
-    "smtp-server": "^2.0.2",
+    "smtp-server": "^2.0.3",
     "striptags": "^3.0.1",
     "toml": "^2.3.2"
   }

diff --git a/routes/archive.js b/routes/archive.js
@@ -67,7 +67,7 @@ router.get('/:campaign/:list/:subscription', passport.csrfProtection, (req, res,
                             let render = (view, layout) => {
                                 res.render(view, {
                                     layout,
-                                    message: renderTags ? tools.formatMessage(serviceUrl, campaign, list, subscription, html) : html,
+                                    message: renderTags ? tools.formatMessage(serviceUrl, campaign, list, subscription, html, false, true) : html,
                                     campaign,
                                     list,
                                     subscription,
@@ -80,6 +80,9 @@ router.get('/:campaign/:list/:subscription', passport.csrfProtection, (req, res,
                                 res.render('partials/tracking-scripts', {
                                     layout: 'archive/layout-raw'
                                 }, (err, scripts) => {
+                                    if (err) {
+                                        return next(err);
+                                    }
                                     html = scripts ? html.replace(/<\/body\b/i, match => scripts + match) : html;
                                     render('archive/view-raw', 'archive/layout-raw');
                                 });

diff --git a/services/sender.js b/services/sender.js
@@ -371,7 +371,7 @@ function formatMessage(message, callback) {
 
                                 let campaignAddress = [campaign.cid, list.cid, message.subscription.cid].join('.');
 
-                                let renderedHtml = renderTags ? tools.formatMessage(configItems.serviceUrl, campaign, list, message.subscription, html) : html;
+                                let renderedHtml = renderTags ? tools.formatMessage(configItems.serviceUrl, campaign, list, message.subscription, html, false, true) : html;
 
                                 let renderedText = (text || '').trim() ? (renderTags ? tools.formatMessage(configItems.serviceUrl, campaign, list, message.subscription, text) : text) : htmlToText.fromString(renderedHtml, {
                                     wordwrap: 130