luckyimnotanigger/AnonymousOverflow
1
0
Fork 0
mirror of https://github.com/httpjamesm/AnonymousOverflow.git synced 2025-04-19 21:39:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: escape code blocks to prevent HTML injection

Browse source
This commit is contained in:
httpjamesm 2022-12-28 22:18:18 -05:00
parent 8f9091fb2a
commit 5bd9ce484f
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config/version.go
View file

@ -1,3 +1,3 @@
package config
var Version = "1.2"
var Version = "1.2.1"

2
src/utils/syntax.go
View file

@ -17,7 +17,7 @@ var plainFormattedCodeRegex = regexp.MustCompile(`(?s)<pre tabindex="0" class="c
func HighlightSyntaxViaContent(content string) (htmlOut string) {
content = html.UnescapeString(content)
fallbackOut := content
fallbackOut := html.EscapeString(content)
// identify the language
lexer := lexers.Analyse(content)