TextPanel: Sanitize after markdown has been rendered to html (#46166)

* Sanitize after markdown has been rendered to html

* Update e2e test
This commit is contained in:
Ashley Harrison 2022-03-03 16:50:09 +00:00 committed by GitHub
parent 994a22f4c2
commit b1125c0ba3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 4 deletions

View File

@ -27,7 +27,7 @@ e2e.scenario({
`Server:pipe = A'A"A|BB\\B|CCC`,
`Server:distributed = A'A"A,Server=BB\\B,Server=CCC`,
`Server:csv = A'A"A,BB\\B,CCC`,
`Server:html = A'A"A, BB\\B, CCC`,
`Server:html = A'A"A, BB\\B, CCC`,
`Server:json = ["A'A\\"A","BB\\\\B","CCC"]`,
`Server:percentencode = %7BA%27A%22A%2CBB%5CB%2CCCC%7D`,
`Server:singlequote = 'A\\'A"A','BB\\B','CCC'`,

View File

@ -44,9 +44,11 @@ export class TextPanel extends PureComponent<Props, State> {
prepareMarkdown(content: string): string {
// Sanitize is disabled here as we handle that after variable interpolation
return renderTextPanelMarkdown(this.interpolateAndSanitizeString(content), {
noSanitize: config.disableSanitizeHtml,
});
return this.interpolateAndSanitizeString(
renderTextPanelMarkdown(content, {
noSanitize: config.disableSanitizeHtml,
})
);
}
interpolateAndSanitizeString(content: string): string {