escape html before parsing commonmark

pull/93/head
rnhmjoj 5 years ago
parent 15c1cd5d66
commit 1659176c0d
No known key found for this signature in database
GPG Key ID: BFBAF4C975F76450
  1. 17
      src/Utils.cpp

@ -324,10 +324,25 @@ utils::linkifyMessage(const QString &body)
return doc; return doc;
} }
QByteArray escapeRawHtml(const QByteArray &data) {
QByteArray buffer;
const size_t length = data.size();
buffer.reserve(length);
for(size_t pos = 0; pos != length; ++pos) {
switch(data.at(pos)) {
case '&': buffer.append("&"); break;
case '<': buffer.append("&lt;"); break;
case '>': buffer.append("&gt;"); break;
default: buffer.append(data.at(pos)); break;
}
}
return buffer;
}
QString QString
utils::markdownToHtml(const QString &text) utils::markdownToHtml(const QString &text)
{ {
const auto str = text.toUtf8(); const auto str = escapeRawHtml(text.toUtf8());
const char *tmp_buf = const char *tmp_buf =
cmark_markdown_to_html(str.constData(), str.size(), CMARK_OPT_DEFAULT); cmark_markdown_to_html(str.constData(), str.size(), CMARK_OPT_DEFAULT);

Loading…
Cancel
Save