diff options
| -rw-r--r-- | app/lib/formatter.rb | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/app/lib/formatter.rb b/app/lib/formatter.rb index 2c509ef19..ccebf4353 100644 --- a/app/lib/formatter.rb +++ b/app/lib/formatter.rb @@ -5,13 +5,23 @@ require_relative './sanitize_config' class HTMLRenderer < Redcarpet::Render::HTML def block_code(code, language) - "<pre><code>#{code.gsub("\n", "<br/>")}</code></pre>" + "<pre><code>#{encode(code).gsub("\n", "<br/>")}</code></pre>" end def autolink(link, link_type) return link if link_type == :email Formatter.instance.link_url(link) end + + private + + def html_entities + @html_entities ||= HTMLEntities.new + end + + def encode(html) + html_entities.encode(html) + end end class Formatter |