From fe912f73ecaaca340dca049dc5eb79c056cd8497 Mon Sep 17 00:00:00 2001 From: Wu Cheng-Han Date: Mon, 17 Oct 2016 17:54:58 +0800 Subject: Fix code block highlighting html not escaped when no languages specified --- public/js/extra.js | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/public/js/extra.js b/public/js/extra.js index bec7fc78..fd22fc80 100644 --- a/public/js/extra.js +++ b/public/js/extra.js @@ -449,13 +449,16 @@ function finishView(view) { var langDiv = $(value).find('code.hljs'); if (langDiv.length > 0) { var reallang = langDiv[0].className.replace(/hljs|wrap/g, '').trim(); - if (!reallang) return; var codeDiv = $(value).find('.code'); var code = ""; if (codeDiv.length > 0) code = codeDiv.html(); else code = langDiv.html(); code = md.utils.unescapeAll(code); - if (reallang == "tiddlywiki" || reallang == "mediawiki") { + if (!reallang) { + var result = { + value: md.utils.escapeHtml(code) + }; + } else if (reallang == "tiddlywiki" || reallang == "mediawiki") { var result = { value: Prism.highlight(code, Prism.languages.wiki) }; -- cgit v1.2.3