diff --git a/app/Http/Controllers/Transaction/ShowController.php b/app/Http/Controllers/Transaction/ShowController.php
index 7a4ae30d31..d0fff749d3 100644
--- a/app/Http/Controllers/Transaction/ShowController.php
+++ b/app/Http/Controllers/Transaction/ShowController.php
@@ -41,8 +41,7 @@ use Symfony\Component\HttpFoundation\ParameterBag;
 */
 class ShowController extends Controller
 {
- /** @var TransactionGroupRepositoryInterface */
- private $repository;
+ private TransactionGroupRepositoryInterface $repository;
 /**
 * ShowController constructor.
@@ -103,12 +102,7 @@ class ShowController extends Controller
 $amounts = $this->getAmounts($groupArray);
 $accounts = $this->getAccounts($groupArray);
- // make sure notes are escaped but not double escaped.
 foreach ($groupArray['transactions'] as $index => $transaction) {
- $search = ['&', '>', '<'];
- if (!Str::contains($transaction['notes'], $search)) {
- $groupArray['transactions'][$index]['notes'] = e($transaction['notes']);
- }
 $groupArray['transactions'][$index]['tags'] = $this->repository->getTagObjects($groupArray['transactions'][$index]['transaction_journal_id']);
 }
diff --git a/app/Models/Note.php b/app/Models/Note.php
index 83c4b822ab..aa11e1408e 100644
--- a/app/Models/Note.php
+++ b/app/Models/Note.php
@@ -63,6 +63,7 @@ use Illuminate\Database\Query\Builder;
 class Note extends Model
 {
 use SoftDeletes;
+
 /**
 * The attributes that should be casted to native types.
 *
@@ -77,16 +78,6 @@ class Note extends Model
 /** @var array Fields that can be filled */
 protected $fillable = ['title', 'text', 'noteable_id', 'noteable_type'];
- /**
- * @param string|null $value
- *
- * @return string|null
- */
- public function getTextAttribute(?string $value): ?string
- {
- return null === $value ? null : htmlspecialchars_decode($value, ENT_QUOTES);
- }
-
 /**
 * @codeCoverageIgnore
 *
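Review bot: After the second ShowController hunk the loop hands `notes` to the view exactly as stored, and nothing at the call site says where output encoding now happens. A one-line comment above the `foreach`, such as `// notes are passed on raw; the template must escape them or render them through the markdown filter`, would stop a later reader from assuming the controller still sanitises them. If `Str` was imported only for the removed `Str::contains()` check, its `use` line can go as well; the import block and the rest of the method lie outside this hunk.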
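Review bot: Rows written before this change hold `e()`-encoded text, and with `getTextAttribute()` removed in the `-77,16` hunk of Note.php (and `setTextAttribute()` removed in the following `-96,14` hunk) nothing decodes them on read any more, so existing notes containing `&`, `<`, `>` or quotes would come back as `&amp;`, `&lt;` and so on. No data migration is visible in this diff; if none exists elsewhere, a one-off upgrade step that applies `htmlspecialchars_decode($text, ENT_QUOTES)` to the stored note text would keep old and new rows consistent. A short comment on the model stating that `text` is now stored raw and must be encoded at output time would also help, since every consumer of the attribute inherits that duty.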
@@ -96,14 +87,4 @@ class Note extends Model
 {
 return $this->morphTo();
 }
-
- /**
- * @param $value
- *
- * @codeCoverageIgnore
- */
- public function setTextAttribute(string $value): void
- {
- $this->attributes['text'] = e($value);
- }
-}
+}
\ No newline at end of file
diff --git a/app/Support/Twig/General.php b/app/Support/Twig/General.php
index d0c1a5c6b0..da52d53fb1 100644
--- a/app/Support/Twig/General.php
+++ b/app/Support/Twig/General.php
@@ -28,6 +28,8 @@ use FireflyIII\Repositories\Account\AccountRepositoryInterface;
 use FireflyIII\Repositories\User\UserRepositoryInterface;
 use FireflyIII\Support\Search\OperatorQuerySearch;
 use League\CommonMark\CommonMarkConverter;
+use League\CommonMark\Environment;
+use League\CommonMark\Extension\GithubFlavoredMarkdownExtension;
 use Route;
 use Twig\Extension\AbstractExtension;
 use Twig\TwigFilter;
@@ -285,8 +287,10 @@ class General extends AbstractExtension
 return new TwigFilter(
 'markdown',
 static function (string $text): string {
- $converter = new CommonMarkConverter;
+ $environment = Environment::createCommonMarkEnvironment();
+ $environment->addExtension(new GithubFlavoredMarkdownExtension());
+ $converter = new CommonMarkConverter([], $environment);
 return $converter->convertToHtml($text);
 }, ['is_safe' => ['html']]
 );
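Review bot: In the last General.php hunk the converter is built with an empty config (`[]`), which, as far as I know for the league/commonmark 1.x API used here, leaves `html_input` at `allow` and unsafe links enabled, while the filter is declared `is_safe` for HTML so Twig will not escape its output. With the `e()` calls removed from the Note model and from ShowController in this same commit, any stored text passed through `|markdown` would reach the page with its raw HTML intact. Consider `$converter = new CommonMarkConverter(['html_input' => 'escape', 'allow_unsafe_links' => false], $environment);`. Whether notes are actually rendered through this filter is not visible in the diff, and the enclosing method starts and ends outside the hunk.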