arithefirst/svchat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Remove escapeHTML() function

Browse Source 
Removes the `escapeHTML()` function because `markdown-it` has support
for escaping HTML, so everything remains XSS safe
This commit is contained in:
April Hall 2025-02-10 15:09:53 -05:00
parent 3aa8a9b165
commit 9fef19dbc3
Signed by: arithefirst
GPG Key ID: 4508A15C4DB91C5B
2 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/lib/components/message.svelte
View File

@ -1,6 +1,5 @@
<script lang="ts"> <script lang="ts">
import { type TypeMessage } from '$lib/types'; import { type TypeMessage } from '$lib/types';
import escapeHTML from '$lib/functions/escapeHTML';
import Prose from '$lib/components/prose.svelte'; import Prose from '$lib/components/prose.svelte';
import renderMarkdown from '$lib/functions/renderMarkdown'; import renderMarkdown from '$lib/functions/renderMarkdown';
const { message, imageSrc, user }: TypeMessage = $props(); const { message, imageSrc, user }: TypeMessage = $props();

3
src/lib/functions/escapeHTML.ts
View File

@ -1,3 +0,0 @@
export default function escapeHTML(text: string) {
return text.replaceAll('&', '&amp;').replaceAll('<', '&lt;').replaceAll('>', '&gt;').replaceAll('"', '&quot;').replaceAll("'", '&#39;');
}