From 9d4ede4cffae47b9fd81ffbd0f2edff47c29e224 Mon Sep 17 00:00:00 2001
From: Wu Cheng-Han
Date: Sat, 26 Nov 2016 22:55:31 +0800
Subject: Fix possible XSS in yaml-metadata and turn using ejs escape syntax
 than external lib [Security Issue]

---
 public/js/pretty.js | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

(limited to 'public/js/pretty.js')

diff --git a/public/js/pretty.js b/public/js/pretty.js
index f43df90c..c1a471a1 100644
--- a/public/js/pretty.js
+++ b/public/js/pretty.js
@@ -4,9 +4,6 @@ require('../css/site.css');
 
 require('highlight.js/styles/github-gist.css');
 
-/* other vendors plugin */
-var S = require('string');
-
 var extra = require('./extra');
 var md = extra.md;
 var finishView = extra.finishView;
@@ -22,7 +19,7 @@ var scrollToHash = extra.scrollToHash;
 var preventXSS = require('./render').preventXSS;
 
 var markdown = $("#doc.markdown-body");
-var text = S(markdown.html()).unescapeHTML().s;
+var text = markdown.text();
 var lastMeta = md.meta;
 md.meta = {};
 var rendered = md.render(text);
-- 
cgit v1.2.3