@codebam/cf-workers-telegram-bot 12.1.0 → 12.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/dist/utils.js +7 -6
  2. package/package.json +1 -1
package/dist/utils.js CHANGED
@@ -31,17 +31,18 @@ export async function markdownToHtml(s) {
31
31
  };
32
32
  renderer.strong = ({ tokens }) => `<b>${renderer.parser.parseInline(tokens)}</b>`;
33
33
  renderer.em = ({ tokens }) => `<i>${renderer.parser.parseInline(tokens)}</i>`;
34
- renderer.codespan = ({ text }) => `<code>${text}</code>`;
34
+ const escapeHtml = (text) => text.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
35
+ renderer.codespan = ({ text }) => `<code>${escapeHtml(text)}</code>`;
35
36
  renderer.code = ({ text, lang }) => {
36
- const escapedText = text.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
37
+ const escapedText = escapeHtml(text);
37
38
  if (lang) {
38
39
  return `<pre><code class="language-${lang}">${escapedText}</code></pre>\n`;
39
40
  }
40
41
  return `<pre><code>${escapedText}</code></pre>\n`;
41
42
  };
42
43
  renderer.del = ({ tokens }) => `<s>${renderer.parser.parseInline(tokens)}</s>`;
43
- renderer.link = ({ href, tokens }) => `<a href="${href}">${renderer.parser.parseInline(tokens)}</a>`;
44
- renderer.image = ({ href, text }) => `<a href="${href}">${text}</a>`;
44
+ renderer.link = ({ href, tokens }) => `<a href="${escapeHtml(href)}">${renderer.parser.parseInline(tokens)}</a>`;
45
+ renderer.image = ({ href, text }) => `<a href="${escapeHtml(href)}">${escapeHtml(text)}</a>`;
45
46
  renderer.blockquote = ({ tokens }) => {
46
47
  return `<blockquote>${renderer.parser.parse(tokens)}</blockquote>\n`;
47
48
  };
@@ -60,14 +61,14 @@ export async function markdownToHtml(s) {
60
61
  }
61
62
  }
62
63
  // Escape everything else
63
- return text.replace(/</g, '&lt;').replace(/>/g, '&gt;');
64
+ return escapeHtml(text);
64
65
  };
65
66
  renderer.text = (token) => {
66
67
  if ('tokens' in token && token.tokens) {
67
68
  return renderer.parser.parseInline(token.tokens);
68
69
  }
69
70
  // Escape standard HTML entities
70
- return token.text.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
71
+ return escapeHtml(token.text);
71
72
  };
72
73
  marked.setOptions({
73
74
  gfm: true,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@codebam/cf-workers-telegram-bot",
3
- "version": "12.1.0",
3
+ "version": "12.2.0",
4
4
  "description": "serverless telegram bot on cf workers",
5
5
  "main": "./dist/main.js",
6
6
  "module": "./dist/main.js",