diff options
| author | hmhealey <harrisonmhealey@gmail.com> | 2015-09-19 11:01:38 -0400 |
|---|---|---|
| committer | hmhealey <harrisonmhealey@gmail.com> | 2015-09-19 11:18:32 -0400 |
| commit | 5f18c71d07e8ea0ac3f9053ad0a67c5380e613ef (patch) | |
| tree | fad29e44135a25514e73f92e82705f306c16609c /web/react | |
| parent | 2eb320f48a66b42832b758e5fc6700358aef34ed (diff) | |
| download | chat-5f18c71d07e8ea0ac3f9053ad0a67c5380e613ef.tar.gz chat-5f18c71d07e8ea0ac3f9053ad0a67c5380e613ef.tar.bz2 chat-5f18c71d07e8ea0ac3f9053ad0a67c5380e613ef.zip | |
Deferred to marked.js's html sanitization when markdown is enabled
Diffstat (limited to 'web/react')
| -rw-r--r-- | web/react/utils/text_formatting.jsx | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/web/react/utils/text_formatting.jsx b/web/react/utils/text_formatting.jsx index 537ddb394..47b56cc3c 100644 --- a/web/react/utils/text_formatting.jsx +++ b/web/react/utils/text_formatting.jsx @@ -21,7 +21,14 @@ export function formatText(text, options = {}) { // TODO remove me options.markdown = true; - let output = sanitizeHtml(text); + // wait until marked can sanitize the html so that we don't break markdown block quotes + let output; + if (!options.markdown) { + output = sanitizeHtml(text); + } else { + output = text; + } + const tokens = new Map(); // replace important words and phrases with tokens @@ -40,7 +47,10 @@ export function formatText(text, options = {}) { // perform markdown parsing while we have an html-free input string if (options.markdown) { console.log('output before marked ' + output); - output = marked(output, {renderer: markdownRenderer}); + output = marked(output, { + renderer: markdownRenderer, + sanitize: true + }); console.log('output after marked ' + output); } |