diff options
Diffstat (limited to 'js')
| -rw-r--r-- | js/i18n.js | 9 |
1 files changed, 4 insertions, 5 deletions
@@ -43,12 +43,10 @@ // used to check the source text. The above comment is kept just // in case. - let reSafeTags = - /^([\s\S]*?)<(b|blockquote|code|em|i|kbd|span|sup)>(.+?)<\/\2>([\s\S]*)$/; + let reSafeTags = /^([\s\S]*?)<(b|blockquote|code|em|i|kbd|span|sup)>(.+?)<\/\2>([\s\S]*)$/; let reSafeInput = /^([\s\S]*?)<(input type="[^"]+")>(.*?)([\s\S]*)$/; let reInput = /^input type=(['"])([a-z]+)\1$/; - let reSafeLink = - /^([\s\S]*?)<(a href=['"]https?:\/\/[^'" <>]+['"])>(.+?)<\/a>([\s\S]*)$/; + let reSafeLink = /^([\s\S]*?)<(a href=['"]https?:\/\/[^'" <>]+['"])>(.+?)<\/a>([\s\S]*)$/; let reLink = /^a href=(['"])(https?:\/\/[^'"]+)\1$/; var safeTextToTagNode = function(text) { @@ -106,7 +104,8 @@ .replace(/‘/g, '‘') .replace(/’/g, '’') .replace(/</g, '<') - .replace(/>/g, '>'); + .replace(/>/g, '>') + .replace(/'/g, '\''); } return document.createTextNode(text); }; |