fix: hyperlinks html entities (#9063)

David Luzar 2025-01-29 19:02:54 +01:00 committed by GitHub
parent 52eaf64591
commit a3e1619635
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 15 additions and 30 deletions


@ -1226,15 +1226,10 @@ export class PromisePool<T> {
}
}
export const sanitizeHTMLAttribute = (html: string) => {
return (
html
// note, if we're not doing stupid things, escaping " is enough,
// but we might end up doing stupid things
.replace(/&/g, "&amp;")
.replace(/"/g, "&quot;")
.replace(/'/g, "&#39;")
.replace(/>/g, "&gt;")
.replace(/</g, "&lt;")
);
/**
* use when you need to render unsafe string as HTML attribute, but MAKE SURE
* the attribute is double-quoted when constructing the HTML string
*/
export const escapeDoubleQuotes = (str: string) => {
return str.replace(/"/g, "&quot;");
};
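Review bot: The doc comment on `escapeDoubleQuotes` names the double-quoted-attribute precondition but does not say that `&`, `'`, `<` and `>` are now passed through unchanged, so nothing tells a caller that the result is unsafe in a single-quoted or unquoted attribute or in element text. Because `&` is no longer escaped, character references already present in the input (for example a literal `&quot;`) are decoded by the HTML parser, so the attribute value the browser sees can differ from the input string even though it cannot close the attribute. I would extend the comment with `* escapes only ": output is safe solely inside a double-quoted attribute of parsed HTML;` and `* entities in the input are decoded by the parser, and URL schemes are not checked here`. The call sites are in the other changed files, which are not visible here, so whether each one double-quotes the attribute and validates the link separately should be confirmed there.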