diff options
Diffstat (limited to 'public/js/slide.js')
| -rw-r--r-- | public/js/slide.js | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/public/js/slide.js b/public/js/slide.js index 293ebfe2..b88ac022 100644 --- a/public/js/slide.js +++ b/public/js/slide.js @@ -4,9 +4,10 @@ require('../css/extra.css') require('../css/site.css') +import { preventXSS } from './render' import { md, updateLastChange, removeDOMEvents, finishView } from './extra' -const body = $('.slides').text() +const body = preventXSS($('.slides').text()) window.createtime = window.lastchangeui.time.attr('data-createtime') window.lastchangetime = window.lastchangeui.time.attr('data-updatetime') @@ -54,6 +55,8 @@ const slideOptions = { const slides = RevealMarkdown.slidify(body, slideOptions) $('.slides').html(slides) RevealMarkdown.initialize() +// fix < and > were doubly escaped +$('.slides')[0].innerHTML = $('.slides')[0].innerHTML.replace(/&lt;/g, '<').replace(/&gt;/g, '>') removeDOMEvents($('.slides')) $('.slides').show() |