From 98b11f794cd0fe828cc06d386e0b7126d5a387bb Mon Sep 17 00:00:00 2001 From: Kuuuube <61125188+Kuuuube@users.noreply.github.com> Date: Sat, 2 Mar 2024 06:25:46 -0500 Subject: Mark string and text glossary content as safe to avoid broken
(#732) --- ext/js/templates/sandbox/anki-template-renderer.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'ext/js/templates/sandbox') diff --git a/ext/js/templates/sandbox/anki-template-renderer.js b/ext/js/templates/sandbox/anki-template-renderer.js index 8fe248ac..022716c3 100644 --- a/ext/js/templates/sandbox/anki-template-renderer.js +++ b/ext/js/templates/sandbox/anki-template-renderer.js @@ -665,12 +665,12 @@ export class AnkiTemplateRenderer { const [dictionary, content] = /** @type {[dictionary: string, content: import('dictionary-data').TermGlossaryContent]} */ (args); /** @type {import('anki-templates').NoteData} */ const data = options.data.root; - if (typeof content === 'string') { return this._stringToMultiLineHtml(content); } + if (typeof content === 'string') { return this._safeString(this._stringToMultiLineHtml(content)); } if (!(typeof content === 'object' && content !== null)) { return ''; } switch (content.type) { case 'image': return this._formatGlossaryImage(content, dictionary, data); case 'structured-content': return this._formatStructuredContent(content, dictionary, data); - case 'text': return this._stringToMultiLineHtml(content.text); + case 'text': return this._safeString(this._stringToMultiLineHtml(content.text)); } return ''; } -- cgit v1.2.3