0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
ghost/core/frontend/helpers/author.js
Hannah Wolfe 724db487a0
Swapped _.escape for proxy.escapeExpression
- we don't need to use _.escape from lodash as we already have escapeExpression from handlebars
- it's more correct to use the escape utility from our theme engine when escaping strings _for_ our theme engine!
- Note there is a minor difference between the two:
  - Lodash: &, <, >, " and '
    - refs: https://lodash.com/docs/4.17.15#escape
  - Handlebars: &, <, >, ", ', ` and =
    - refs: https://handlebarsjs.com/api-reference/utilities.html#helper-utilities

- This could cause slightly weird behaviour in themes around ` and = characters, but as it's just convering to html entities it should be fine
2021-06-04 20:07:44 +01:00

39 lines
1.3 KiB
JavaScript

// # Author Helper
// Usage: `{{author}}` OR `{{#author}}{{/author}}`
//
// Can be used as either an output or a block helper
//
// Output helper: `{{author}}`
// Returns the full name of the author of a given post, or a blank string
// if the author could not be determined.
//
// Block helper: `{{#author}}{{/author}}`
// This is the default handlebars behaviour of dropping into the author object scope
const {urlService, SafeString, escapeExpression, hbs, templates} = require('../services/proxy');
const buildInHelpers = hbs.handlebars.helpers;
const isString = require('lodash/isString');
/**
* @deprecated: single authors was superceded by multiple authors in Ghost 1.22.0
*/
module.exports = function author(options) {
if (options.fn) {
return buildInHelpers.with.call(this, this.author, options);
}
const autolink = isString(options.hash.autolink) && options.hash.autolink === 'false' ? false : true;
let output = '';
if (this.author && this.author.name) {
if (autolink) {
output = templates.link({
url: urlService.getUrlByResourceId(this.author.id, {withSubdirectory: true}),
text: escapeExpression(this.author.name)
});
} else {
output = escapeExpression(this.author.name);
}
}
return new SafeString(output);
};