From 95ba9c0291c4b94027596244775e3e73a06a0312 Mon Sep 17 00:00:00 2001
From: pimlie <pimlie@hotmail.com>
Date: Fri, 8 Mar 2019 12:58:22 +0100
Subject: [PATCH] refactor: extract escape method

---
 src/shared/escape.js | 47 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 src/shared/escape.js

diff --git a/src/shared/escape.js b/src/shared/escape.js
new file mode 100644
index 0000000..5dfc3d3
--- /dev/null
+++ b/src/shared/escape.js
@@ -0,0 +1,47 @@
+import { metaInfoOptionKeys, disableOptionKeys } from './constants'
+import isArray from './isArray'
+import { isString, isObject } from './typeof'
+
+// sanitizes potentially dangerous characters
+export default function escape(info, { tagIDKeyName }, escapeSequences = []) {
+  const escaped = {}
+
+  for (const key in info) {
+    const value = info[key]
+
+    // no need to escape configuration options
+    if (metaInfoOptionKeys.includes(key)) {
+      escaped[key] = value
+      continue
+    }
+
+    let disableKey = disableOptionKeys[0]
+    if (info[disableKey] && info[disableKey].includes(key)) {
+      // this info[key] doesnt need to escaped if the option is listed in __dangerouslyDisableSanitizers
+      escaped[key] = value
+      continue
+    }
+
+    if (info[tagIDKeyName]) {
+      disableKey = disableOptionKeys[1]
+
+      // items which vmid is listed in __dangerouslyDisableSanitizersByTagID do not need to be escaped
+      if (info[disableKey] && info[disableKey][key] && info[disableKey][key].includes(info[tagIDKeyName])) {
+        escaped[key] = value
+        continue
+      }
+    }
+
+    if (isString(value)) {
+      escaped[key] = escapeSequences.reduce((val, [v, r]) => val.replace(v, r), value)
+    } else if (isArray(value)) {
+      escaped[key] = value.map(v => escape(v, { tagIDKeyName }, escapeSequences))
+    } else if (isObject(value)) {
+      escaped[key] = escape(value, { tagIDKeyName }, escapeSequences)
+    } else {
+      escaped[key] = value
+    }
+  }
+
+  return escaped
+}