Cleanup markdown sanitization

snap-cloud · Feb 13, 2024 · 917b096 · 917b096
1 parent c80572f
commit 917b096
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/app/helpers/format_helper.rb b/app/helpers/format_helper.rb
@@ -190,7 +190,8 @@ def markdown(text, escape_html = true)
       safe_links_only: true
     }
     markdown = Redcarpet::Markdown.new(Redcarpet::Render::HTML.new(render_options), markdown_options)
-    escape_html ? sanitize(sanitize(markdown.render(text)), scrubber: Loofah::Scrubbers::NoFollow.new) : markdown.render(text).html_safe
+    rendered = sanitize(markdown.render(text))
+    escape_html ? sanitize(rendered, scrubber: Loofah::Scrubbers::NoFollow.new) : rendered.html_safe
   end
 
   def markdown_hint(text = '')