diff options
| author | Jhaura Wachsman <jw@jhaurawachsman.com> | 2020-07-17 22:11:15 +0300 |
|---|---|---|
| committer | Jhaura Wachsman <jw@jhaurawachsman.com> | 2020-07-17 22:11:15 +0300 |
| commit | 3a95c96443f5c2c772893ff8f6edd33b7508cae8 (patch) | |
| tree | f159387bc761e93e70bf07b059771ba061c0c900 | |
| parent | b202e3bc482cf034bc1d5036aa57e895c713208b (diff) | |
Add safeHTML function on user input text/html
| -rw-r--r-- | layouts/partials/alert.html | 4 | ||||
| -rw-r--r-- | layouts/partials/button.html | 4 | ||||
| -rw-r--r-- | layouts/partials/figure.html | 6 |
3 files changed, 7 insertions, 7 deletions
diff --git a/layouts/partials/alert.html b/layouts/partials/alert.html index e6ce17b..7f17380 100644 --- a/layouts/partials/alert.html +++ b/layouts/partials/alert.html @@ -15,6 +15,6 @@ {{- $textColor100 := index (dict "default" "text-raven-100" "info" "text-blue-100" "warn" "text-orange-100" "alert" "text-red-100") $type -}} {{- $textColor700 := index (dict "default" "text-raven-700" "info" "text-blue-700" "warn" "text-orange-700" "alert" "text-red-700") $type -}} <div class="flex items-center justify-center font-content-sans rounded {{ $bgColor100 }} px-4 py-4" role="alert"> - <span class="text-xs font-bold uppercase leading-none rounded-full {{ $textColor100 }} {{ $bgColor500 }} px-2 py-1 mr-3">{{ $badge }}</span> - <span class="font-semibold {{ $textColor700 }}">{{ .message | markdownify }}</span> + <span class="text-xs font-bold uppercase leading-none rounded-full {{ $textColor100 }} {{ $bgColor500 }} px-2 py-1 mr-3">{{ $badge | safeHTML }}</span> + <span class="font-semibold {{ $textColor700 }}">{{ .message | markdownify | safeHTML }}</span> </div> diff --git a/layouts/partials/button.html b/layouts/partials/button.html index 3738425..ce47680 100644 --- a/layouts/partials/button.html +++ b/layouts/partials/button.html @@ -28,13 +28,13 @@ {{- with $svg }} {{ . | safeHTML }} {{- end }} - <span>{{ $text }}</span> + <span>{{ $text | safeHTML }}</span> </a> {{- else }} <button class="{{ $class }}" role="button"> {{- with $svg }} {{ . | safeHTML }} {{- end }} - <span>{{ $text }}</span> + <span>{{ $text | safeHTML }}</span> </button> {{- end }} diff --git a/layouts/partials/figure.html b/layouts/partials/figure.html index 0e2d525..062f30d 100644 --- a/layouts/partials/figure.html +++ b/layouts/partials/figure.html @@ -46,13 +46,13 @@ height="{{ . }}" {{- if or (or (.title) (.caption)) (.attr) }} <figcaption class="{{ $captionClass }}"> {{- with (.title) }} -<h4>{{ . }}</h4> +<h4>{{ . | safeHTML }}</h4> {{- end }} {{- if or (.caption) (.attr) }} -<p>{{- .caption | markdownify -}} +<p>{{- .caption | markdownify | safeHTML -}} {{ if .attr }} {{ end }}{{/* yup, just a space */}} {{- with .attrlink }}<a href="{{ . }}">{{- end -}} -{{ .attr | markdownify }} +{{ .attr | markdownify | safeHTML }} {{- if .attrlink }}</a>{{- end -}} </p> {{- end }} |