escape html before parsing commonmark

This commit is contained in:
Michele Guerini Rocco 2019-09-21 01:38:17 +02:00
parent 15c1cd5d66
commit 1659176c0d
Signed by: rnhmjoj
GPG Key ID: BFBAF4C975F76450

View File

@ -324,10 +324,25 @@ utils::linkifyMessage(const QString &body)
return doc; return doc;
} }
QByteArray escapeRawHtml(const QByteArray &data) {
QByteArray buffer;
const size_t length = data.size();
buffer.reserve(length);
for(size_t pos = 0; pos != length; ++pos) {
switch(data.at(pos)) {
case '&': buffer.append("&"); break;
case '<': buffer.append("&lt;"); break;
case '>': buffer.append("&gt;"); break;
default: buffer.append(data.at(pos)); break;
}
}
return buffer;
}
QString QString
utils::markdownToHtml(const QString &text) utils::markdownToHtml(const QString &text)
{ {
const auto str = text.toUtf8(); const auto str = escapeRawHtml(text.toUtf8());
const char *tmp_buf = const char *tmp_buf =
cmark_markdown_to_html(str.constData(), str.size(), CMARK_OPT_DEFAULT); cmark_markdown_to_html(str.constData(), str.size(), CMARK_OPT_DEFAULT);