From 8b77bdc048c2e70bbe28767be6b3149e1c6bbab1 Mon Sep 17 00:00:00 2001 From: "Torsten Schulz (local)" Date: Wed, 13 Aug 2025 11:32:54 +0200 Subject: [PATCH] Update package version to 1.1.0 and enhance link insertion logic in EditPagesComponent for improved safety and usability --- package.json | 2 +- src/content/admin/EditPagesComponent.vue | 18 ++++++++++++++---- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 93c20a0..231aa53 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "miriamgemeinde", - "version": "0.1.0", + "version": "1.1.0", "private": true, "scripts": { "serve": "vue-cli-service serve", diff --git a/src/content/admin/EditPagesComponent.vue b/src/content/admin/EditPagesComponent.vue index 973d5f3..cc83ecb 100644 --- a/src/content/admin/EditPagesComponent.vue +++ b/src/content/admin/EditPagesComponent.vue @@ -322,10 +322,20 @@ export default { addLinkDialog.value.openAddLinkDialog(); }; - const insertLink = ({ url, text }) => { - if (url && text && editor.value) { - editor.value.chain().focus().extendMarkRange('link').setLink({ href: url }).insertContent(text).run(); - } + const insertLink = (url, text) => { + if (!editor.value) return; + if (!url) return; + const selectionText = editor.value.state.doc.textBetween( + editor.value.state.selection.from, + editor.value.state.selection.to + ); + const linkText = (text && text.trim()) || selectionText || url; + // Einfaches Escaping für Text + const escapeHtml = (s) => s.replace(/[&<>"']/g, c => ({'&':'&','<':'<','>':'>','"':'"','\'':'''}[c])); + const safeText = escapeHtml(linkText); + const safeUrl = url.trim(); + // Direkter HTML Insert, damit der Link garantiert entsteht + editor.value.chain().focus().insertContent(`${safeText}`).run(); }; const openAddDownloadDialog = () => {