X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/d17d5689613f1462ef1fabf2a76c2038e2970aa8..c226d8e85ecd32c47811b3728f5f7195b21763f2:/app/helpers/browse_tags_helper.rb diff --git a/app/helpers/browse_tags_helper.rb b/app/helpers/browse_tags_helper.rb index 2a1496f13..f95003aae 100644 --- a/app/helpers/browse_tags_helper.rb +++ b/app/helpers/browse_tags_helper.rb @@ -21,12 +21,8 @@ module BrowseTagsHelper link_to h(wmc[:title]), wmc[:url], :title => t("browse.tag_details.wikimedia_commons_link", :page => wmc[:title]) elsif url = wiki_link("tag", "#{key}=#{value}") link_to h(value), url, :title => t("browse.tag_details.wiki_link.tag", :key => key, :value => value) - elsif emails = email_links(key, value) - # similarly, email_links() returns an array of emails - emails = emails.map do |e| - link_to(h(e[:email]), e[:url], :title => t("browse.tag_details.email_link", :email => e[:email])) - end - safe_join(emails, "; ") + elsif email = email_link(key, value) + mail_to(email, :title => t("browse.tag_details.email_link", :email => email)) elsif phones = telephone_links(key, value) # similarly, telephone_links() returns an array of phone numbers phones = phones.map do |p| @@ -34,9 +30,9 @@ module BrowseTagsHelper end safe_join(phones, "; ") elsif colour_value = colour_preview(key, value) - content_tag(:span, "", :class => "colour-preview-box", :"data-colour" => colour_value, :title => t("browse.tag_details.colour_preview", :colour_value => colour_value)) + colour_value + tag.span("", :class => "colour-preview-box", :"data-colour" => colour_value, :title => t("browse.tag_details.colour_preview", :colour_value => colour_value)) + colour_value else - linkify h(value) + safe_join(value.split(";").map { |x| linkify(h(x)) }, ";") end end @@ -51,20 +47,20 @@ module BrowseTagsHelper # the correct page. lookup_us = lookup.tr(" ", "_") - if page = WIKI_PAGES.dig(locale, type, lookup_us) - url = "https://wiki.openstreetmap.org/wiki/#{page}?uselang=#{locale}" - elsif page = WIKI_PAGES.dig("en", type, lookup_us) - url = "https://wiki.openstreetmap.org/wiki/#{page}?uselang=#{locale}" - end + page = WIKI_PAGES.dig(locale, type, lookup_us) || + WIKI_PAGES.dig("en", type, lookup_us) + + url = "https://wiki.openstreetmap.org/wiki/#{page}?uselang=#{locale}" if page url end def wikipedia_link(key, value) # Some k/v's are wikipedia=http://en.wikipedia.org/wiki/Full%20URL - return nil if value =~ %r{^https?://} + return nil if %r{^https?://}.match?(value) - if key == "wikipedia" + case key + when "wikipedia" # This regex should match Wikipedia language codes, everything # from de to zh-classical lang = if value =~ /^([a-z-]{2,12}):(.+)$/i @@ -75,7 +71,7 @@ module BrowseTagsHelper # Value is so default to English Wikipedia "en" end - elsif key =~ /^wikipedia:(\S+)$/ + when /^wikipedia:(\S+)$/ # Language is in the key, so assume value is the title lang = Regexp.last_match(1) else @@ -87,8 +83,8 @@ module BrowseTagsHelper # Contains a reference to a section of the wikipedia article # Must break it up to correctly build the url value = Regexp.last_match(1) - section = "#" + Regexp.last_match(2) - encoded_section = "#" + CGI.escape(Regexp.last_match(2).gsub(/ +/, "_")).tr("%", ".") + section = "##{Regexp.last_match(2)}" + encoded_section = "##{CGI.escape(Regexp.last_match(2).gsub(/ +/, '_'))}" else section = "" encoded_section = "" @@ -129,24 +125,22 @@ module BrowseTagsHelper nil end - def email_links(_key, value) - # Does value look like an email? eg "someone@domain.tld" - # or a list of alternate emails separated by ; - - # Uses WHATWG implementation of email validation, which follows RFC 1123 - # but is a willful violation of RFC 5322. - # (see: https://html.spec.whatwg.org/multipage/input.html#valid-e-mail-address) - if value.match?(%r{^\s*[a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*\s* - (;\s*[a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*\s*)*$ - }x) - return value.split(";").map do |email| - # remove any leading or trailing whitespace if present - email = email.strip - - # add 'mailto:'' prefix - { :email => email, :url => "mailto:#{email}" } - end - end + def email_link(key, value) + # Avoid converting conditional tags into emails, since EMAIL_REGEXP is quite permissive + return nil unless %w[email contact:email].include? key + + # Does the value look like an email? eg "someone@domain.tld" + + # Uses Ruby built-in regexp to validate email. + # This will not catch certain valid emails containing comments, whitespace characters, + # and quoted strings. + # (see: https://github.com/ruby/ruby/blob/master/lib/uri/mailto.rb) + + # remove any leading and trailing whitespace + email = value.strip + + return email if email.match?(URI::MailTo::EMAIL_REGEXP) + nil end @@ -161,7 +155,7 @@ module BrowseTagsHelper # # Also accepting / as a visual separator although not given in RFC 3966, # because it is used as a visual separator in OSM data in some countries. - if value.match?(%r{^\s*\+[\d\s\(\)/\.-]{6,25}\s*(;\s*\+[\d\s\(\)/\.-]{6,25}\s*)*$}) + if value.match?(%r{^\s*\+[\d\s()/.-]{6,25}\s*(;\s*\+[\d\s()/.-]{6,25}\s*)*$}) return value.split(";").map do |phone_number| # for display, remove leading and trailing whitespace phone_number = phone_number.strip