aboutsummaryrefslogtreecommitdiffstats
path: root/src/filters.js
diff options
context:
space:
mode:
Diffstat (limited to 'src/filters.js')
-rw-r--r--src/filters.js25
1 files changed, 16 insertions, 9 deletions
diff --git a/src/filters.js b/src/filters.js
index 103cd2de..c87e41f4 100644
--- a/src/filters.js
+++ b/src/filters.js
@@ -111,8 +111,12 @@ angularFilter.lowercase = lowercase;
angularFilter.uppercase = uppercase;
-angularFilter.html = function(html){
- return new HTML(html);
+/**</>
+ * @exportedAs filter:html
+ * @param {string=} option if 'unsafe' then do not sanitize the HTML input
+ */
+angularFilter.html = function(html, option){
+ return new HTML(html, option);
};
angularFilter.linky = function(text){
@@ -124,15 +128,18 @@ angularFilter.linky = function(text){
var match;
var raw = text;
var html = [];
+ var writer = htmlSanitizeWriter(html);
+ var url;
+ var i;
while (match=raw.match(URL)) {
- var url = match[0].replace(/[\.\;\,\(\)\{\}\<\>]$/,'');
- var i = raw.indexOf(url);
- html.push(escapeHtml(raw.substr(0, i)));
- html.push('<a href="' + url + '">');
- html.push(url);
- html.push('</a>');
+ url = match[0].replace(/[\.\;\,\(\)\{\}\<\>]$/,'');
+ i = raw.indexOf(url);
+ writer.chars(raw.substr(0, i));
+ writer.start('a', {href:url});
+ writer.chars(url);
+ writer.end('a');
raw = raw.substring(i + url.length);
}
- html.push(escapeHtml(raw));
+ writer.chars(raw);
return new HTML(html.join(''));
};
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-01 07:11:13 +0000