Skip to content

Commit

Permalink
Fix incomplete comments in safe mode not being escaped
Browse files Browse the repository at this point in the history
  • Loading branch information
Crozzers committed Jan 3, 2024
1 parent b94feac commit 82f2ea6
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 1 deletion.
2 changes: 1 addition & 1 deletion lib/markdown2.py
Original file line number Diff line number Diff line change
Expand Up @@ -2639,7 +2639,7 @@ def _encode_amps_and_angles(self, text):
text = self._naked_gt_re.sub('>', text)
return text

_incomplete_tags_re = re.compile(r"<(/?\w+?(?!\w)\s*?.+?[\s/]+?)")
_incomplete_tags_re = re.compile(r"<(!--|/?\w+?(?!\w)\s*?.+?[\s/]+?)")

def _encode_incomplete_tags(self, text):
if self.safe_mode not in ("replace", "escape"):
Expand Down
2 changes: 2 additions & 0 deletions test/tm-cases/basic_safe_mode_escape.html
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,5 @@
<p>&lt;div&gt;yowzer!&lt;/div&gt;</p>

<p>blah</p>

<p><em>foo</em> &lt;!-- <em>bar</em></p>
3 changes: 3 additions & 0 deletions test/tm-cases/basic_safe_mode_escape.text
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,6 @@ blah <img src="dangerous"> blah
<div>yowzer!</div>

blah


*foo* <!-- *bar*

0 comments on commit 82f2ea6

Please sign in to comment.