diff options
Diffstat (limited to 'public')
| -rw-r--r-- | public/js/render.js | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/public/js/render.js b/public/js/render.js index 88a05bde..e2574b5f 100644 --- a/public/js/render.js +++ b/public/js/render.js @@ -27,7 +27,7 @@ var filterXSSOptions = { whiteList: whiteList, escapeHtml: function (html) { // allow html comment in multiple lines - return html.replace(/<(.*?)>/g, '<$1>') + return html.replace(/<(?!!--)/g, '<').replace(/-->/g, '__HTML_COMMENT_END__').replace(/>/g, '>').replace(/__HTML_COMMENT_END__/g, '-->') }, onIgnoreTag: function (tag, html, options) { // allow comment tag |