fix: actually render HTML out instead of obliterating it

This commit is contained in:
Paul Makles 2022-07-08 15:36:18 +01:00
parent 4a85dd69cf
commit 262b931810
2 changed files with 17 additions and 3 deletions

View file

@ -173,7 +173,12 @@ const Container = styled.div<{ largeEmoji: boolean }>`
/**
* Regex for matching execessive blockquotes
*/
const RE_QUOTE = /(^[>\s][>\s])[>\s]+([^]+)$/gm;
const RE_QUOTE = /(^[>\s][>\s])[>\s]+([^]+$)/gm;
/**
* Regex for matching open angled bracket
*/
const RE_OPEN_BRACKET = /</g;
/**
* Sanitise Markdown input before rendering
@ -181,8 +186,15 @@ const RE_QUOTE = /(^[>\s][>\s])[>\s]+([^]+)$/gm;
* @returns Sanitised string
*/
function sanitise(content: string) {
return (
content
// Strip excessive blockquote indentation
return content.replace(RE_QUOTE, (_, m0, m1) => m0 + m1);
.replace(RE_QUOTE, (_, m0, m1) => m0 + m1)
// Map < to HTML entity LT
// (otherwise all HTML is just obliterated,
// not even displayed as plain text)
.replace(RE_OPEN_BRACKET, "&lt;")
);
}
/**

View file

@ -12,6 +12,8 @@ const Mention = styled.a`
align-items: center;
display: inline-flex;
cursor: pointer;
font-weight: 600;
background: var(--secondary-background);
border-radius: calc(var(--border-radius) * 2);