Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sanitization strips out actual content #1

Closed
smrq opened this issue Dec 16, 2014 · 2 comments · Fixed by #2
Closed

Sanitization strips out actual content #1

smrq opened this issue Dec 16, 2014 · 2 comments · Fixed by #2

Comments

@smrq
Copy link
Contributor

smrq commented Dec 16, 2014

The sanitization is a bit overzealous, which can remove real content. Example:

render('```sh\n$ gulp test\n```');

Yields

<pre><code class="lang-sh">$ gulp \n</code></pre>\n

The word "test" is removed because pre-sanitization it looks like...

<pre><code class="lang-sh">$ gulp <span class="hljs-built_in">test</span>\n</code></pre>\n

Note the underscore in the hljs-built_in class, which doesn't match the regexp in the sanitizer.

@rlidwka
Copy link
Owner

rlidwka commented Dec 21, 2014

Thanks a lot! Any other characters I missed for highlight-js?

I wish we'd have a highlighter ran after sanitizer, but it isn't currently possible. :(

@smrq
Copy link
Contributor Author

smrq commented Dec 21, 2014

Not sure, I haven't noticed anything else though.
On Dec 21, 2014 11:48 AM, "Alex Kocharin" notifications@github.com wrote:

Thanks a lot! Any other characters I missed for highlight-js?

I wish we'd have a highlighter ran after sanitizer, but it isn't currently
possible. :(


Reply to this email directly or view it on GitHub
#1 (comment).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants