sanitizar el markdown al mostrarlo

This commit is contained in:
f 2020-06-09 15:51:33 -03:00
parent 3300e65022
commit 230ea30484

View file

@ -2,10 +2,10 @@
# Contenido con el editor de Markdown
class MetadataMarkdownContent < MetadataContent
# Renderizar a HTML
# Renderizar a HTML y sanitizar
def to_s
CommonMarker.render_doc(value, %i[FOOTNOTES SMART],
%i[table strikethrough autolink]).to_html
sanitize CommonMarker.render_doc(value, %i[FOOTNOTES SMART],
%i[table strikethrough autolink]).to_html
end
# XXX: No sanitizamos acá porque se escapan varios símbolos de