Stop escaping notes, move to parser.

app/Http/Controllers/Transaction/ShowController.php

@@ -41,8 +41,7 @@ use Symfony\Component\HttpFoundation\ParameterBag;
  */
 class ShowController extends Controller
 {
-    /** @var TransactionGroupRepositoryInterface */
-    private $repository;
+    private TransactionGroupRepositoryInterface $repository;
 
     /**
      * ShowController constructor.
@@ -103,12 +102,7 @@ class ShowController extends Controller
         $amounts = $this->getAmounts($groupArray);
         $accounts = $this->getAccounts($groupArray);
 
-        // make sure notes are escaped but not double escaped.
         foreach ($groupArray['transactions'] as $index => $transaction) {
-            $search = ['&', '>', '<'];
-            if (!Str::contains($transaction['notes'], $search)) {
-                $groupArray['transactions'][$index]['notes'] = e($transaction['notes']);
-            }
             $groupArray['transactions'][$index]['tags'] = $this->repository->getTagObjects($groupArray['transactions'][$index]['transaction_journal_id']);
         }
 

app/Models/Note.php

@@ -63,6 +63,7 @@ use Illuminate\Database\Query\Builder;
 class Note extends Model
 {
     use SoftDeletes;
+
     /**
      * The attributes that should be casted to native types.
      *
@@ -77,16 +78,6 @@ class Note extends Model
     /** @var array Fields that can be filled */
     protected $fillable = ['title', 'text', 'noteable_id', 'noteable_type'];
 
-    /**
-     * @param string|null $value
-     *
-     * @return string|null
-     */
-    public function getTextAttribute(?string $value): ?string
-    {
-        return null === $value ? null : htmlspecialchars_decode($value, ENT_QUOTES);
-    }
-
     /**
      * @codeCoverageIgnore
      *
@@ -96,14 +87,4 @@ class Note extends Model
     {
         return $this->morphTo();
     }
-
-    /**
-     * @param $value
-     *
-     * @codeCoverageIgnore
-     */
-    public function setTextAttribute(string $value): void
-    {
-        $this->attributes['text'] = e($value);
-    }
-}
+}

app/Support/Twig/General.php

@@ -28,6 +28,8 @@ use FireflyIII\Repositories\Account\AccountRepositoryInterface;
 use FireflyIII\Repositories\User\UserRepositoryInterface;
 use FireflyIII\Support\Search\OperatorQuerySearch;
 use League\CommonMark\CommonMarkConverter;
+use League\CommonMark\Environment;
+use League\CommonMark\Extension\GithubFlavoredMarkdownExtension;
 use Route;
 use Twig\Extension\AbstractExtension;
 use Twig\TwigFilter;
@@ -285,8 +287,10 @@ class General extends AbstractExtension
         return new TwigFilter(
             'markdown',
             static function (string $text): string {
-                $converter = new CommonMarkConverter;
+                $environment = Environment::createCommonMarkEnvironment();
+                $environment->addExtension(new GithubFlavoredMarkdownExtension());
 
+                $converter = new CommonMarkConverter([], $environment);
                 return $converter->convertToHtml($text);
             }, ['is_safe' => ['html']]
         );