From 056ff3230698a3bec8ab75897b2085032b513b3a Mon Sep 17 00:00:00 2001
From: Alexander Bilz <mail@alexbilz.com>
Date: Thu, 26 Dec 2024 13:16:14 +0000
Subject: [PATCH] fix: unsafe html warnings (#531)
---
layouts/_default/rss.xml | 4 ++--
exampleSite/config/_default/hugo.toml | 2 +-
layouts/index.html | 4 ++--
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/exampleSite/config/_default/hugo.toml b/exampleSite/config/_default/hugo.toml
index 890025d..0f4e988 100644
--- a/exampleSite/config/_default/hugo.toml
+++ b/exampleSite/config/_default/hugo.toml
@@ -25,7 +25,7 @@
[markup]
[markup.goldmark]
[markup.goldmark.renderer]
- unsafe=true
+ unsafe=false
[taxonomies]
category = "categories"
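Review bot: The flipped `unsafe` setting has no comment explaining its effect, and with `unsafe=false` Goldmark drops raw HTML written inside Markdown rather than rendering it. Any example content that relies on inline HTML would lose that markup without an obvious cause; whether the example site has such content is not visible from this hunk. A comment above the setting would help theme users who copy this file, for example `# raw HTML in Markdown is omitted by Goldmark; use shortcodes for embedded markup`. The setting only covers the example site, so sites using the theme still decide this in their own config.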
diff --git a/layouts/_default/rss.xml b/layouts/_default/rss.xml
index b926875..0a52ebc 100644
--- a/layouts/_default/rss.xml
+++ b/layouts/_default/rss.xml
@@ -33,11 +33,11 @@
{{ with .Site.Author.email }}<author>{{.}}{{ with $.Site.Author.name }} ({{.}}){{end}}</author>{{end}}
<guid>{{ .Permalink }}</guid>
{{ if eq .Site.Params.rssFullContent true }}
- <description>{{ .Content | html }}</description>
+ <description>{{ .Content | safeHTML }}</description>
{{ else if .Description }}
<description>{{ .Description }}</description>
{{ else }}
- <description>{{ .Summary | html }}</description>
+ <description>{{ .Summary | safeHTML }}</description>
{{ end }}
</item>
{{ end }}
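Review bot: Both changed `<description>` lines now pass `.Content` and `.Summary` through `safeHTML`, which writes the rendered HTML into the feed without XML escaping, whereas the removed `html` filter entity-escaped it. Markup that is not well-formed XML (a void `<br>` or `<img>`, a named entity such as `&nbsp;`) would then make the feed unparsable, and well-formed markup becomes child elements of `<description>` instead of text. Escaping before marking the value safe avoids both: `<description>{{ .Content | transform.XMLEscape | safeHTML }}</description>`, and the same for `.Summary`; this needs a Hugo version that ships `transform.XMLEscape`. The `.Description` branch still gets the template's default escaping and needs no change. The item template starts above this hunk.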
diff --git a/layouts/index.html b/layouts/index.html
index fef6fc3..e3ff826 100644
--- a/layouts/index.html
+++ b/layouts/index.html
@@ -55,9 +55,9 @@
<h3><a href="{{ .RelPermalink }}">{{ upper .Title }}</a></h3>
{{ end }}
{{ if .Site.Params.fullPostContent }}
- <p>{{ .Content | markdownify }}</p>
+ <p>{{ .Content | safeHTML }}</p>
{{ else }}
- <p>{{ .Summary | markdownify }}</p>
+ <p>{{ .Summary | safeHTML }}</p>
{{ end }}
<!-- add read more -->
{{- if and (.Truncated) (.Site.Params.readMore) -}}
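Review bot: `safeHTML` on `.Content` and `.Summary` in the two `<p>` lines is redundant, because Hugo already returns both as rendered HTML that the template engine does not escape. Plain `{{ .Content }}` and `{{ .Summary }}` produce the same output, and reserving `safeHTML` for values that really bypass escaping makes those places easier to audit. A short template comment would record the trust assumption, for example `{{/* .Content is rendered by Hugo; raw HTML in it depends on markup.goldmark.renderer.unsafe */}}`. The surrounding post loop begins and ends outside the hunk.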
--
Gitblit v1.10.0