routes: sanitize readme content for non markdown files
Anirudh Oppiliappan x@icyphox.sh
Thu, 16 Jan 2025 11:39:54 +0200
1 files changed,
2 insertions(+),
1 deletions(-)
M
routes/routes.go
→
routes/routes.go
@@ -121,8 +121,9 @@ )
html := bluemonday.UGCPolicy().SanitizeBytes(unsafe)
readmeContent = template.HTML(html)
default:
+ safe := bluemonday.UGCPolicy().SanitizeBytes([]byte(content))
readmeContent = template.HTML(
- fmt.Sprintf(`<pre>%s</pre>`, content),
+ fmt.Sprintf(`<pre>%s</pre>`, safe),
)
}
break
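Review bot: In the `default:` branch the plain-text README goes through `bluemonday.UGCPolicy()`, which is an HTML allow-list sanitizer rather than an escaper, so any markup the policy permits (links, images, formatting) is still rendered inside the `<pre>`, and text that only looks like a tag (for example `<stdio.h>`) is silently dropped. A non-markdown file should be displayed verbatim, which means escaping it: `safe := template.HTMLEscapeString(content)`. This assumes `template` is `html/template` and `content` is a string, as the `template.HTML` call and the `[]byte(content)` conversion suggest. A comment such as `// plain text: escape, never interpret as HTML` above that line would record the intent. The enclosing switch starts outside the hunk.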