TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-05 18:34:39 +03:00
Code Issues Projects Releases Wiki Activity

Fix embedded code being removed

Browse Source 
no issue
- changed order of escaping
This commit is contained in:
Sebastian Gierlinger 2014-08-05 14:11:20 +02:00
parent 954fde1cd2
commit aec440bbd0
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
core/client/helpers/gh-format-markdown.js
View File

@ -4,20 +4,20 @@ import cajaSanitizers from 'ghost/utils/caja-sanitizers';
var showdown = new Showdown.converter({extensions: ['ghostimagepreview', 'ghostgfm']});
var formatMarkdown = Ember.Handlebars.makeBoundHelper(function (markdown) {
var html = '';
// replace script and iFrame
markdown = markdown.replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi,
'<pre class="js-embed-placeholder">Embedded JavaScript</pre>');
markdown = markdown.replace(/<iframe\b[^<]*(?:(?!<\/iframe>)<[^<]*)*<\/iframe>/gi,
'<pre class="iframe-embed-placeholder">Embedded iFrame</pre>');
var escapedhtml = '';
// convert markdown to HTML
html = showdown.makeHtml(markdown || '');
escapedhtml = showdown.makeHtml(markdown || '');
// replace script and iFrame
escapedhtml = escapedhtml.replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi,
'<pre class="js-embed-placeholder">Embedded JavaScript</pre>');
escapedhtml = escapedhtml.replace(/<iframe\b[^<]*(?:(?!<\/iframe>)<[^<]*)*<\/iframe>/gi,
'<pre class="iframe-embed-placeholder">Embedded iFrame</pre>');
// sanitize html
html = html_sanitize(html, cajaSanitizers.url, cajaSanitizers.id);
return new Handlebars.SafeString(html);
escapedhtml = html_sanitize(escapedhtml, cajaSanitizers.url, cajaSanitizers.id);
return new Handlebars.SafeString(escapedhtml);
});
export default formatMarkdown;