Spaces:
Running
Running
🐛 Remove sanitized < (#71)
Browse files
src/lib/components/CodeBlock.svelte
CHANGED
@@ -17,7 +17,7 @@
|
|
17 |
|
18 |
<div class="group relative rounded-lg my-4">
|
19 |
<pre class="overflow-auto px-5 py-3.5"><code class="language-{lang}"
|
20 |
-
>{@html highlightedCode || code}</code
|
21 |
></pre>
|
22 |
<CopyToClipBoardBtn
|
23 |
classNames="absolute top-2 right-2 invisible opacity-0 group-hover:visible group-hover:opacity-100"
|
|
|
17 |
|
18 |
<div class="group relative rounded-lg my-4">
|
19 |
<pre class="overflow-auto px-5 py-3.5"><code class="language-{lang}"
|
20 |
+
>{@html highlightedCode || code.replaceAll("<", "<")}</code
|
21 |
></pre>
|
22 |
<CopyToClipBoardBtn
|
23 |
classNames="absolute top-2 right-2 invisible opacity-0 group-hover:visible group-hover:opacity-100"
|
src/lib/components/chat/ChatMessage.svelte
CHANGED
@@ -8,7 +8,10 @@
|
|
8 |
import IconLoading from "../icons/IconLoading.svelte";
|
9 |
|
10 |
function sanitizeMd(md: string) {
|
11 |
-
return md.replaceAll("<", "<");
|
|
|
|
|
|
|
12 |
}
|
13 |
|
14 |
export let message: Message;
|
@@ -18,9 +21,18 @@
|
|
18 |
let loadingEl: any;
|
19 |
let pendingTimeout: NodeJS.Timeout;
|
20 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
21 |
const options: marked.MarkedOptions = {
|
22 |
...marked.getDefaults(),
|
23 |
gfm: true,
|
|
|
24 |
};
|
25 |
|
26 |
$: tokens = marked.lexer(sanitizeMd(message.content));
|
@@ -62,7 +74,7 @@
|
|
62 |
>
|
63 |
{#each tokens as token}
|
64 |
{#if token.type === "code"}
|
65 |
-
<CodeBlock lang={token.lang} code={token.text} />
|
66 |
{:else}
|
67 |
{@html marked.parser([token], options)}
|
68 |
{/if}
|
|
|
8 |
import IconLoading from "../icons/IconLoading.svelte";
|
9 |
|
10 |
function sanitizeMd(md: string) {
|
11 |
+
return md.replaceAll("&", "&").replaceAll("<", "<");
|
12 |
+
}
|
13 |
+
function unsanitizeMd(md: string) {
|
14 |
+
return md.replaceAll("<", "<").replaceAll("&", "&");
|
15 |
}
|
16 |
|
17 |
export let message: Message;
|
|
|
21 |
let loadingEl: any;
|
22 |
let pendingTimeout: NodeJS.Timeout;
|
23 |
|
24 |
+
const renderer = new marked.Renderer();
|
25 |
+
|
26 |
+
// For code blocks with simple backticks
|
27 |
+
renderer.codespan = (code) => {
|
28 |
+
// Unsanitize double-sanitized code
|
29 |
+
return `<code>${code.replaceAll("&", "&")}</code>`;
|
30 |
+
};
|
31 |
+
|
32 |
const options: marked.MarkedOptions = {
|
33 |
...marked.getDefaults(),
|
34 |
gfm: true,
|
35 |
+
renderer,
|
36 |
};
|
37 |
|
38 |
$: tokens = marked.lexer(sanitizeMd(message.content));
|
|
|
74 |
>
|
75 |
{#each tokens as token}
|
76 |
{#if token.type === "code"}
|
77 |
+
<CodeBlock lang={token.lang} code={unsanitizeMd(token.text)} />
|
78 |
{:else}
|
79 |
{@html marked.parser([token], options)}
|
80 |
{/if}
|