Module: Knitsearch::Highlighter

Extended by:: Highlighter

Included in:: Highlighter

Defined in:: lib/knitsearch/highlighter.rb

Overview

HTML highlighter for search results. Replaces placeholder marks inserted by FTS5’s highlight() function with <mark> tags. The marks are control characters chosen to be unlikely in user content.

Instance Method Details

#closing_mark ⇒ `Object`



27
28
29

# File 'lib/knitsearch/highlighter.rb', line 27

def closing_mark
  CLOSING_MARK
end

#opening_mark ⇒ `Object`



23
24
25

# File 'lib/knitsearch/highlighter.rb', line 23

def opening_mark
  OPENING_MARK
end

#render(text) ⇒ `Object`

# File 'lib/knitsearch/highlighter.rb', line 12

def render(text)
  return nil if text.nil?

  # Escape user content FIRST, then convert sentinels to <mark>. Reordering
  # this would render user-stored HTML verbatim and produce stored XSS.
  CGI.escapeHTML(text.to_s)
     .gsub(CGI.escapeHTML(opening_mark), "<mark>")
     .gsub(CGI.escapeHTML(closing_mark), "</mark>")
     .html_safe
end

Module: Knitsearch::Highlighter

Overview

Instance Method Summary collapse

Instance Method Details

#closing_mark ⇒ Object

#opening_mark ⇒ Object

#render(text) ⇒ Object

#closing_mark ⇒ `Object`

#opening_mark ⇒ `Object`

#render(text) ⇒ `Object`