From 0e6fb082841b9b6601cce25c5c0a744ac0219b14 Mon Sep 17 00:00:00 2001 From: Nutomic <me@nutomic.com> Date: Fri, 28 Jul 2023 14:23:46 +0200 Subject: [PATCH] Restore markdown quotes after sanitize (#3708) (#3749) --- crates/api_common/src/utils.rs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/crates/api_common/src/utils.rs b/crates/api_common/src/utils.rs index 8ccb7d3f..5a678191 100644 --- a/crates/api_common/src/utils.rs +++ b/crates/api_common/src/utils.rs @@ -798,10 +798,12 @@ pub fn generate_moderators_url(community_id: &DbUrl) -> Result<DbUrl, LemmyError /// Sanitize HTML with default options. Additionally, dont allow bypassing markdown /// links and images pub fn sanitize_html(data: &str) -> String { - ammonia::Builder::default() + let sanitized = ammonia::Builder::default() .rm_tags(&["a", "img"]) .clean(data) - .to_string() + .to_string(); + // restore markdown quotes + sanitized.replace(">", ">") } pub fn sanitize_html_opt(data: &Option<String>) -> Option<String> { -- 2.44.1