f.weber/homebrewery
0
0
Fork 0
mirror of https://github.com/naturalcrit/homebrewery.git synced 2025-12-27 22:22:42 +00:00
Code Wiki Activity

Merge pull request #2406 from G-Ambatte/addStyleSanitization-#1437

Browse Source 
Add sanitization of Style content
This commit is contained in:
Trevor Buckner
2023-07-08 02:23:56 -04:00
committed by GitHub
parent fe324d6822 085cb99562
commit bd0ef5da48
4 changed files with 14 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
shared/naturalcrit/markdown.js
View File

@@ -313,12 +313,6 @@ const escape = function (html, encode) {
return html;
};
const sanatizeScriptTags = (content)=>{
return content
.replace(/<script/ig, '&lt;script')
.replace(/<\/script>/ig, '&lt;/script&gt;');
};
const tagTypes = ['div', 'span', 'a'];
const tagRegex = new RegExp(`(${
_.map(tagTypes, (type)=>{
@@ -349,7 +343,7 @@ module.exports = {
render : (rawBrewText)=>{
rawBrewText = rawBrewText.replace(/^\\column$/gm, `\n<div class='columnSplit'></div>\n`)
.replace(/^(:+)$/gm, (match)=>`${`<div class='blank'></div>`.repeat(match.length)}\n`);
return Marked.parse(sanatizeScriptTags(rawBrewText));
return Marked.parse(rawBrewText);
},
validate : (rawBrewText)=>{

8
shared/naturalcrit/markdownLegacy.js
View File

@@ -90,12 +90,6 @@ const escape = function (html, encode) {
return html;
};
const sanatizeScriptTags = (content)=>{
return content
.replace(/<script/ig, '&lt;script')
.replace(/<\/script>/ig, '&lt;/script&gt;');
};
const tagTypes = ['div', 'span', 'a'];
const tagRegex = new RegExp(`(${
_.map(tagTypes, (type)=>{
@@ -113,7 +107,7 @@ module.exports = {
marked : Markdown,
render : (rawBrewText)=>{
return Markdown(
sanatizeScriptTags(rawBrewText),
rawBrewText,
{ renderer: renderer }
);
},