Skip to content

Commit

Permalink
Rely less on DOM sanitization for *marked* work-around
Browse files Browse the repository at this point in the history
* Additional check just keeps it cleaner but the browser could change how it handles an isolated close tag... so just don't create it if it's blocked with a pre block test... plus a few bytes less out. Only need to do this on additions. `.replace` on empty string doesn't add nor on another tag such as `a` which can show up here.

Post OpenUserJS#2014 and applies to OpenUserJS#1775
  • Loading branch information
Martii committed Nov 12, 2023
1 parent b8c9f1e commit 1def10e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion libs/markdown.js
Original file line number Diff line number Diff line change
Expand Up @@ -154,7 +154,7 @@ blockRenderers.forEach(function (aType) {
openTagName = matches[1];
}
matches = arguments[0].match(/^<\/([a-z]+)>$/);
if (matches) {
if (matches && !!sanitize('<' + matches[1] + '></' + matches[1] + '>')) {
closeTagName = matches[1];
}
}
Expand Down

0 comments on commit 1def10e

Please sign in to comment.