2021-08-16 14:59:04 +00:00
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
|
|
set -e
|
|
|
|
|
|
2023-01-09 11:20:22 +00:00
|
|
|
|
# Ensure all locale files are sorted.
|
|
|
|
|
node scripts/translations/sort.js --check
|
|
|
|
|
|
|
|
|
|
# Ensure no locales contain single quotes.
|
|
|
|
|
LOCALES_WITH_SINGLE_QUOTE=$(\
|
2021-08-16 14:59:04 +00:00
|
|
|
|
grep \
|
|
|
|
|
--files-with-matches \
|
|
|
|
|
--recursive locales/ \
|
|
|
|
|
--regex "'" \
|
2023-01-09 11:20:22 +00:00
|
|
|
|
|| true
|
2021-08-16 14:59:04 +00:00
|
|
|
|
)
|
|
|
|
|
|
2023-01-09 11:20:22 +00:00
|
|
|
|
for file in ${LOCALES_WITH_SINGLE_QUOTE}; do
|
2021-08-16 14:59:04 +00:00
|
|
|
|
cat <<MSG >&2
|
|
|
|
|
|
|
|
|
|
ERROR: $file contains a locale with a single quote.
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
$(grep "$file" --regex "'")
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
Using single quotes in locales can lead to Angular XSS.
|
|
|
|
|
|
|
|
|
|
You will need to replace the quote with a similar looking character.
|
|
|
|
|
’ (\u2019) is a good candidate.
|
|
|
|
|
|
|
|
|
|
Links:
|
|
|
|
|
- https://en.wikipedia.org/wiki/Right_single_quotation_mark
|
|
|
|
|
- https://github.com/overleaf/issues/issues/4478
|
|
|
|
|
|
|
|
|
|
MSG
|
|
|
|
|
exit 1
|
|
|
|
|
done
|