Fix the < and > symbols are doubly escaped which affected by executing preventXSS twice

author: Wu Cheng-Han 2017-09-27 18:22:49 +0800
committer: Wu Cheng-Han 2017-09-27 18:22:49 +0800
commit: fe384d80bf03a4d33fd38500cbaaf2ec3abb8bdb (patch)
tree: e84863160580675b3cd4f99f31ea4ad6d3362080
parent: f2743ff8f87d79556ced7e038dd3486f19f116b0 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/public/js/slide.js b/public/js/slide.js
index 59a352ec..b88ac022 100644
--- a/public/js/slide.js
+++ b/public/js/slide.js
@@ -55,6 +55,8 @@ const slideOptions = {
 const slides = RevealMarkdown.slidify(body, slideOptions)
 $('.slides').html(slides)
 RevealMarkdown.initialize()
+// fix < and > were doubly escaped
+$('.slides')[0].innerHTML = $('.slides')[0].innerHTML.replace(/&amp;lt;/g, '&lt;').replace(/&amp;gt;/g, '&gt;')
 removeDOMEvents($('.slides'))
 $('.slides').show()
author	Wu Cheng-Han	2017-09-27 18:22:49 +0800
committer	Wu Cheng-Han	2017-09-27 18:22:49 +0800
commit	fe384d80bf03a4d33fd38500cbaaf2ec3abb8bdb (patch)
tree	e84863160580675b3cd4f99f31ea4ad6d3362080
parent	f2743ff8f87d79556ced7e038dd3486f19f116b0 (diff)