From 6d64262a61e4634285b4dedd3c49831976d1e06b Mon Sep 17 00:00:00 2001 From: Dan Brown Date: Tue, 10 Mar 2026 15:03:43 +0000 Subject: [PATCH] Revision Diffs: Added filtering post-diff render --- .../Controllers/PageRevisionController.php | 13 ++++++--- tests/Entity/PageRevisionTest.php | 29 +++++++++++++++++++ 2 files changed, 38 insertions(+), 4 deletions(-) diff --git a/app/Entities/Controllers/PageRevisionController.php b/app/Entities/Controllers/PageRevisionController.php index 35f1e8daf..4bc15e6e9 100644 --- a/app/Entities/Controllers/PageRevisionController.php +++ b/app/Entities/Controllers/PageRevisionController.php @@ -12,6 +12,8 @@ use BookStack\Exceptions\NotFoundException; use BookStack\Facades\Activity; use BookStack\Http\Controller; use BookStack\Permissions\Permission; +use BookStack\Util\HtmlContentFilter; +use BookStack\Util\HtmlContentFilterConfig; use BookStack\Util\SimpleListOptions; use Illuminate\Http\Request; use Ssddanbrown\HtmlDiff\Diff; @@ -101,12 +103,15 @@ class PageRevisionController extends Controller $prev = $revision->getPreviousRevision(); $prevContent = $prev->html ?? ''; - $diff = Diff::excecute($prevContent, $revision->html); + + // TODO - Refactor PageContent so we can de-dupe these steps + $rawDiff = Diff::excecute($prevContent, $revision->html); + $filterConfig = HtmlContentFilterConfig::fromConfigString(config('app.content_filtering')); + $filter = new HtmlContentFilter($filterConfig); + $diff = $filter->filterString($rawDiff); $page->fill($revision->toArray()); - // TODO - Refactor PageContent so we don't need to juggle this - $page->html = $revision->html; - $page->html = (new PageContent($page))->render(); + $page->html = ''; $this->setPageTitle(trans('entities.pages_revision_named', ['pageName' => $page->getShortName()])); return view('pages.revision', [ diff --git a/tests/Entity/PageRevisionTest.php b/tests/Entity/PageRevisionTest.php index 3828bd06e..d74c1f488 100644 --- a/tests/Entity/PageRevisionTest.php +++ b/tests/Entity/PageRevisionTest.php @@ -47,6 +47,20 @@ class PageRevisionTest extends TestCase $revisionView->assertSee('new revision content'); } + public function test_page_revision_preview_filters_html_content() + { + $this->asEditor(); + $page = $this->entities->page(); + $this->createRevisions($page, 1, ['name' => 'updated page', 'html' => '

expectthisthough

']); + $pageRevision = $page->revisions->last(); + $this->createRevisions($page, 1, ['name' => 'updated page', 'html' => '

Updated content

']); + + $revisionView = $this->get($page->getUrl() . '/revisions/' . $pageRevision->id); + $revisionView->assertStatus(200); + $revisionView->assertSee('expectthisthough'); + $revisionView->assertDontSee('dontwantthishere'); + } + public function test_page_revision_restore_updates_content() { $this->asEditor(); @@ -215,6 +229,21 @@ class PageRevisionTest extends TestCase $html->assertElementContains('.item-list > .item-list-row:nth-child(2)', 'Changes'); } + public function test_page_changes_view_filters_html_content() + { + $this->asEditor(); + $page = $this->entities->page(); + $html = '

expectthisthough

'; + $this->createRevisions($page, 1, ['name' => 'updated page', 'html' => $html]); + $this->createRevisions($page, 1, ['name' => 'updated page', 'html' => $html]); + + $pageRevision = $page->revisions->last(); + $revisionView = $this->get("{$page->getUrl()}/revisions/{$pageRevision->id}/changes"); + $revisionView->assertStatus(200); + $revisionView->assertSee('expectthisthough'); + $revisionView->assertDontSee('dontwantthishere'); + } + public function test_revision_restore_action_only_visible_with_permission() { $page = $this->entities->page();