From cb9a212cc7a10231dd36bc164394721afe26969f Mon Sep 17 00:00:00 2001 From: radishzzz Date: Sun, 23 Mar 2025 18:50:14 +0000 Subject: [PATCH] fix: prevent HTML tags from being escaped in article descriptions --- .vscode/settings.json | 1 + src/utils/description.ts | 22 ++++++++++++---------- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index 5826c03..90b090b 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -62,6 +62,7 @@ "abbrlink", "antfu", "apiflash", + "apos", "Artículos", "astrodotbuild", "astrojs", diff --git a/src/utils/description.ts b/src/utils/description.ts index 04018e8..82e740e 100644 --- a/src/utils/description.ts +++ b/src/utils/description.ts @@ -1,12 +1,12 @@ import type { CollectionEntry } from 'astro:content' import { defaultLocale } from '@/config' import MarkdownIt from 'markdown-it' -import sanitizeHtml from 'sanitize-html' - -const parser = new MarkdownIt() type ExcerptScene = 'list' | 'meta' | 'og' | 'rss' +const parser = new MarkdownIt() +const isCJKLang = (lang: string) => ['zh', 'zh-tw', 'ja'].includes(lang) + // Excerpt length in different scenarios const EXCERPT_LENGTHS: Record ['zh', 'zh-tw', 'ja'].includes(lang) - // Generate an excerpt from Markdown content export function generateExcerpt( content: string, @@ -45,11 +43,15 @@ export function generateExcerpt( ? EXCERPT_LENGTHS[scene].cjk : EXCERPT_LENGTHS[scene].other - // Convert Markdown to plain text - const plainText = sanitizeHtml(parser.render(content), { - allowedTags: [], - allowedAttributes: {}, - }) + // Remove all HTML tags and decode HTML entities + const plainText = parser.render(content) + .replace(/<[^>]*>/g, '') + .replace(/</g, '<') + .replace(/>/g, '>') + .replace(/&/g, '&') + .replace(/"/g, '"') + .replace(/'/g, '\'') + .replace(/ /g, ' ') // Replace line breaks with spaces const normalizedText = plainText.replace(/\s+/g, ' ')