escape disallowedTagsMode

pmndrs · Aug 24, 2024 · 5df19c5 · 5df19c5
1 parent f572cb4
commit 5df19c5
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/src/components/Search/SearchItem.tsx b/src/components/Search/SearchItem.tsx
@@ -18,6 +18,8 @@ export interface SearchItemProps {
 function sanitizeAllHtmlButMark(str: string) {
  return sanitizeHtml(str, {
  allowedTags: ['mark'],
+ allowedAttributes: false,
+ disallowedTagsMode: 'escape',
  })
 }
 
@@ -38,16 +40,16 @@ function SearchItem({ search, result }: SearchItemProps) {
  // `,
  // }}
  >
- <div className="block pb-1 text-xs text-on-surface-variant/50">${result.label}</div>
+ <div className="block pb-1 text-xs text-on-surface-variant/50">{result.label}</div>
  <span
  dangerouslySetInnerHTML={{
- __html: sanitizeAllHtmlButMark(highlight(result.title, search)),
+ __html: highlight(sanitizeAllHtmlButMark(result.title), search),
  }}
  />
  <div className="block pt-2 text-sm text-on-surface-variant/50">
  <span
  dangerouslySetInnerHTML={{
- __html: sanitizeAllHtmlButMark(highlight(result.content, search)),
+ __html: highlight(sanitizeAllHtmlButMark(result.content), search),
  }}
  />
  </div>

diff --git a/src/components/mdx/Toc/rehypeToc.ts b/src/components/mdx/Toc/rehypeToc.ts
@@ -48,7 +48,7 @@ export const rehypeToc = (target: DocToC[] = [], url: string, page: string) => {
  const content: string[] = []
  let sibling2: Node | undefined = root.children[siblingIndex2]
  while (sibling2) {
- if (RegExp(`^h${level}$`).test(sibling2.tagName)) break
+ if (RegExp(`^h${level}$`).test(sibling2.tagName)) break // stop at the next (same-level) heading
 
  content.push(toString(sibling2))
  sibling2 = root.children[siblingIndex2++]