Fix HTML escaping for markdown parsing
Use mistune's escape option instead of `html.escape()` which messes up links.
This commit is contained in:
parent
3bc185f4e6
commit
07e6d74b91
|
@ -1,4 +1,3 @@
|
||||||
import html
|
|
||||||
import re
|
import re
|
||||||
|
|
||||||
import html_sanitizer.sanitizer as sanitizer
|
import html_sanitizer.sanitizer as sanitizer
|
||||||
|
@ -62,8 +61,9 @@ class HtmlFilter:
|
||||||
lambda el, *args, **kw: el
|
lambda el, *args, **kw: el
|
||||||
|
|
||||||
# hard_wrap: convert all \n to <br> without required two spaces
|
# hard_wrap: convert all \n to <br> without required two spaces
|
||||||
|
# escape: escape HTML characters in the input string, e.g. tags
|
||||||
self._markdown_to_html = mistune.Markdown(
|
self._markdown_to_html = mistune.Markdown(
|
||||||
hard_wrap=True, inline=MarkdownInlineLexer,
|
hard_wrap=True, escape=True, inline=MarkdownInlineLexer,
|
||||||
)
|
)
|
||||||
|
|
||||||
self._markdown_to_html.block.default_rules = [
|
self._markdown_to_html.block.default_rules = [
|
||||||
|
@ -73,13 +73,11 @@ class HtmlFilter:
|
||||||
|
|
||||||
|
|
||||||
def from_markdown(self, text: str, outgoing: bool = False) -> str:
|
def from_markdown(self, text: str, outgoing: bool = False) -> str:
|
||||||
return self.filter(self._markdown_to_html(html.escape(text)), outgoing)
|
return self.filter(self._markdown_to_html(text), outgoing)
|
||||||
|
|
||||||
|
|
||||||
def from_markdown_inline(self, text: str, outgoing: bool = False) -> str:
|
def from_markdown_inline(self, text: str, outgoing: bool = False) -> str:
|
||||||
return self.filter_inline(
|
return self.filter_inline(self._markdown_to_html(text), outgoing)
|
||||||
self._markdown_to_html(html.escape(text)), outgoing,
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def filter_inline(self, html: str, outgoing: bool = False) -> str:
|
def filter_inline(self, html: str, outgoing: bool = False) -> str:
|
||||||
|
|
Loading…
Reference in New Issue
Block a user