svrjs/svrjs-nextjs-website
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: use escape function from validator package

Browse source
This commit is contained in:
Dorian Niemiec 2024-09-08 05:47:32 +02:00
parent b45d5ab83b
commit fcd6513a2e
1 changed files with 3 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
app/api/contact/route.ts
View file

@ -1,7 +1,7 @@
import { mailOptions, transporter } from "@/lib/nodemailer/nodemailer"; import { mailOptions, transporter } from "@/lib/nodemailer/nodemailer";
import { NextRequest, NextResponse } from "next/server"; import { NextRequest, NextResponse } from "next/server";
import dns from "dns/promises"; import dns from "dns/promises";
import { isEmail } from "validator"; import { isEmail, escape } from "validator";
const CONTACT_MESSAGE_FIELDS: Record<string, string> = { const CONTACT_MESSAGE_FIELDS: Record<string, string> = {
name: "Name", name: "Name",
@ -9,15 +9,6 @@ const CONTACT_MESSAGE_FIELDS: Record<string, string> = {
message: "Message" message: "Message"
}; };
const escapeHtml = (text: string) => {
return text
.replace(/&/g, "&amp;")
.replace(/</g, "&lt;")
.replace(/>/g, "&gt;")
.replace(/"/g, "&quot;")
.replace(/'/g, "&#039;");
};
const generateEmailContent = (data: Record<string, string>) => { const generateEmailContent = (data: Record<string, string>) => {
const stringData = Object.entries(data).reduce( const stringData = Object.entries(data).reduce(
(str, [key, val]) => (str, [key, val]) =>
@ -31,9 +22,9 @@ const generateEmailContent = (data: Record<string, string>) => {
str + str +
(key == "captchaToken" (key == "captchaToken"
? "" ? ""
: `<h3 class="form-heading">${escapeHtml( : `<h3 class="form-heading">${escape(
CONTACT_MESSAGE_FIELDS[key] || key CONTACT_MESSAGE_FIELDS[key] || key
)}</h3><p class="form-answer">${escapeHtml(val).replace( )}</h3><p class="form-answer">${escape(val).replace(
/\n/g, /\n/g,
"<br/>" "<br/>"
)}</p>`), )}</p>`),