@handled-ai/design-system 0.20.5 → 0.20.7

package/dist/internal/safe-html.js

@@ -30,6 +30,8 @@ const ALLOWED_TAGS = /* @__PURE__ */ new Set([
   "s",
   "span",
   "strong",
+  "sub",
+  "sup",
   "table",
   "tbody",
   "td",
@@ -40,7 +42,7 @@ const ALLOWED_TAGS = /* @__PURE__ */ new Set([
   "ul"
 ]);
 const VOID_TAGS = /* @__PURE__ */ new Set(["br", "hr", "img"]);
-const SAFE_GLOBAL_ATTRS = /* @__PURE__ */ new Set(["aria-label", "role", "title"]);
+const SAFE_GLOBAL_ATTRS = /* @__PURE__ */ new Set(["aria-label", "dir", "lang", "role", "title"]);
 const SAFE_URL_PROTOCOLS = /* @__PURE__ */ new Set(["http:", "https:", "mailto:", "tel:"]);
 function escapeHtml(value) {
   return value.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
@@ -96,15 +98,70 @@ function sanitizeClassName(value) {
   const safeTokens = value.split(/\s+/).map((token) => token.trim()).filter((token) => /^[A-Za-z0-9_-]+$/.test(token));
   return safeTokens.length ? safeTokens.join(" ") : null;
 }
+function sanitizeDimension(value) {
+  const trimmed = value.trim();
+  if (/^\d{1,4}$/.test(trimmed)) return trimmed;
+  return null;
+}
+function sanitizeLanguage(value) {
+  const trimmed = value.trim();
+  if (/^[A-Za-z]{1,8}(?:-[A-Za-z0-9]{1,8})*$/.test(trimmed)) return trimmed;
+  return null;
+}
+function sanitizeDirection(value) {
+  const trimmed = value.trim().toLowerCase();
+  return trimmed === "ltr" || trimmed === "rtl" || trimmed === "auto" ? trimmed : null;
+}
+function sanitizeFontSize(value) {
+  const trimmed = value.trim().toLowerCase();
+  const match = trimmed.match(/^(\d+(?:\.\d+)?)(px|em|rem|%)$/);
+  if (!match) return null;
+  const amount = Number.parseFloat(match[1]);
+  const unit = match[2];
+  const maxByUnit = { px: 72, em: 4, rem: 4, "%": 400 };
+  if (!Number.isFinite(amount) || amount <= 0 || amount > maxByUnit[unit]) return null;
+  return `${amount}${unit}`;
+}
+function sanitizeStyle(value) {
+  const declarations = [];
+  for (const rawDeclaration of value.split(";")) {
+    const separatorIndex = rawDeclaration.indexOf(":");
+    if (separatorIndex === -1) continue;
+    const property = rawDeclaration.slice(0, separatorIndex).trim().toLowerCase();
+    const rawValue = decodeHtmlEntities(rawDeclaration.slice(separatorIndex + 1)).trim().toLowerCase();
+    if (!property || !rawValue || /url\s*\(|expression\s*\(/i.test(rawValue)) continue;
+    if (property === "vertical-align" && (rawValue === "super" || rawValue === "sub")) {
+      declarations.push(`vertical-align: ${rawValue}`);
+      continue;
+    }
+    if (property === "font-size") {
+      const fontSize = sanitizeFontSize(rawValue);
+      if (fontSize) declarations.push(`font-size: ${fontSize}`);
+    }
+  }
+  return declarations.length ? declarations.join("; ") : null;
+}
 function sanitizeAttribute(tagName, name, value) {
   const attr = name.toLowerCase();
-  if (attr.startsWith("on") || attr === "style" || attr === "srcdoc" || attr === "formaction" || attr === "xlink:href" || attr === "xmlns") {
+  if (attr.startsWith("on") || attr === "srcdoc" || attr === "formaction" || attr === "xlink:href" || attr === "xmlns") {
     return null;
   }
+  if (attr === "style") {
+    const safeStyle = sanitizeStyle(value);
+    return safeStyle ? `style="${escapeAttribute(safeStyle)}"` : null;
+  }
   if (attr === "class") {
     const safeClassName = sanitizeClassName(value);
     return safeClassName ? `class="${escapeAttribute(safeClassName)}"` : null;
   }
+  if (attr === "dir") {
+    const safeDirection = sanitizeDirection(value);
+    return safeDirection ? `dir="${escapeAttribute(safeDirection)}"` : null;
+  }
+  if (attr === "lang") {
+    const safeLanguage = sanitizeLanguage(value);
+    return safeLanguage ? `lang="${escapeAttribute(safeLanguage)}"` : null;
+  }
   if (SAFE_GLOBAL_ATTRS.has(attr) || attr.startsWith("aria-")) {
     return `${attr}="${escapeAttribute(value)}"`;
   }
@@ -114,9 +171,13 @@ function sanitizeAttribute(tagName, name, value) {
   if (tagName === "img" && attr === "src" && isSafeUrl(value)) {
     return `src="${escapeAttribute(value)}"`;
   }
-  if (tagName === "img" && (attr === "alt" || attr === "width" || attr === "height")) {
+  if (tagName === "img" && attr === "alt") {
     return `${attr}="${escapeAttribute(value)}"`;
   }
+  if (tagName === "img" && (attr === "width" || attr === "height")) {
+    const safeDimension = sanitizeDimension(value);
+    return safeDimension ? `${attr}="${escapeAttribute(safeDimension)}"` : null;
+  }
   if ((tagName === "td" || tagName === "th") && (attr === "colspan" || attr === "rowspan")) {
     return `${attr}="${escapeAttribute(value)}"`;
   }

package/dist/internal/safe-html.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/internal/safe-html.ts"],"sourcesContent":["const DANGEROUS_BLOCK_TAGS = new Set([\n  \"script\",\n  \"style\",\n  \"iframe\",\n  \"object\",\n  \"embed\",\n  \"svg\",\n  \"math\",\n  \"template\",\n  \"noscript\",\n  \"textarea\",\n  \"select\",\n])\n\nconst ALLOWED_TAGS = new Set([\n  \"a\",\n  \"b\",\n  \"blockquote\",\n  \"br\",\n  \"code\",\n  \"del\",\n  \"div\",\n  \"em\",\n  \"hr\",\n  \"i\",\n  \"img\",\n  \"li\",\n  \"ol\",\n  \"p\",\n  \"pre\",\n  \"s\",\n  \"span\",\n  \"strong\",\n  \"table\",\n  \"tbody\",\n  \"td\",\n  \"th\",\n  \"thead\",\n  \"tr\",\n  \"u\",\n  \"ul\",\n])\n\nconst VOID_TAGS = new Set([\"br\", \"hr\", \"img\"])\nconst SAFE_GLOBAL_ATTRS = new Set([\"aria-label\", \"role\", \"title\"])\nconst SAFE_URL_PROTOCOLS = new Set([\"http:\", \"https:\", \"mailto:\", \"tel:\"])\n\nfunction escapeHtml(value: string): string {\n  return value\n    .replace(/&/g, \"&amp;\")\n    .replace(/</g, \"&lt;\")\n    .replace(/>/g, \"&gt;\")\n}\n\nfunction escapeAttribute(value: string): string {\n  return escapeHtml(value).replace(/\"/g, \"&quot;\")\n}\n\nfunction safeCodePoint(value: number): string {\n  return Number.isInteger(value) && value >= 0 && value <= 0x10ffff ? String.fromCodePoint(value) : \"\"\n}\n\nfunction decodeHtmlEntities(value: string): string {\n  const namedEntities: Record<string, string> = {\n    amp: \"&\",\n    apos: \"'\",\n    colon: \":\",\n    gt: \">\",\n    lt: \"<\",\n    newline: \"\\n\",\n    quot: '\"',\n    tab: \"\\t\",\n  }\n\n  let decoded = value\n  for (let i = 0; i < 4; i += 1) {\n    const next = decoded\n      .replace(/&#x([0-9a-f]+);?/gi, (_match, hex: string) => {\n        const codePoint = Number.parseInt(hex, 16)\n        return safeCodePoint(codePoint)\n      })\n      .replace(/&#(\\d+);?/g, (_match, decimal: string) => {\n        const codePoint = Number.parseInt(decimal, 10)\n        return safeCodePoint(codePoint)\n      })\n      .replace(/&([a-z]+);/gi, (match, name: string) => namedEntities[name.toLowerCase()] ?? match)\n\n    if (next === decoded) return decoded\n    decoded = next\n  }\n\n  return decoded\n}\n\nfunction isSafeUrl(value: string): boolean {\n  const decoded = decodeHtmlEntities(value).replace(/[\\u0000-\\u001f\\u007f\\s]+/g, \"\").trim()\n  if (!decoded) return false\n  if (decoded.startsWith(\"//\")) return false\n  if (decoded.startsWith(\"#\") || decoded.startsWith(\"/\") || decoded.startsWith(\"./\") || decoded.startsWith(\"../\")) {\n    return true\n  }\n\n  try {\n    return SAFE_URL_PROTOCOLS.has(new URL(decoded, \"https://handled.local\").protocol)\n  } catch {\n    return false\n  }\n}\n\nfunction sanitizeClassName(value: string): string | null {\n  const safeTokens = value\n    .split(/\\s+/)\n    .map((token) => token.trim())\n    .filter((token) => /^[A-Za-z0-9_-]+$/.test(token))\n\n  return safeTokens.length ? safeTokens.join(\" \") : null\n}\n\nfunction sanitizeAttribute(tagName: string, name: string, value: string): string | null {\n  const attr = name.toLowerCase()\n\n  if (\n    attr.startsWith(\"on\") ||\n    attr === \"style\" ||\n    attr === \"srcdoc\" ||\n    attr === \"formaction\" ||\n    attr === \"xlink:href\" ||\n    attr === \"xmlns\"\n  ) {\n    return null\n  }\n\n  if (attr === \"class\") {\n    const safeClassName = sanitizeClassName(value)\n    return safeClassName ? `class=\"${escapeAttribute(safeClassName)}\"` : null\n  }\n\n  if (SAFE_GLOBAL_ATTRS.has(attr) || attr.startsWith(\"aria-\")) {\n    return `${attr}=\"${escapeAttribute(value)}\"`\n  }\n\n  if (tagName === \"a\" && attr === \"href\" && isSafeUrl(value)) {\n    return `href=\"${escapeAttribute(value)}\"`\n  }\n\n  if (tagName === \"img\" && attr === \"src\" && isSafeUrl(value)) {\n    return `src=\"${escapeAttribute(value)}\"`\n  }\n\n  if (tagName === \"img\" && (attr === \"alt\" || attr === \"width\" || attr === \"height\")) {\n    return `${attr}=\"${escapeAttribute(value)}\"`\n  }\n\n  if ((tagName === \"td\" || tagName === \"th\") && (attr === \"colspan\" || attr === \"rowspan\")) {\n    return `${attr}=\"${escapeAttribute(value)}\"`\n  }\n\n  return null\n}\n\nfunction sanitizeAttributes(tagName: string, rawAttributes = \"\"): string {\n  const attributes: string[] = []\n  const attrPattern = /([A-Za-z_:][-A-Za-z0-9_:.]*)(?:\\s*=\\s*(?:\"([^\"]*)\"|'([^']*)'|([^\\s\"'=<>`]+)))?/g\n  let match: RegExpExecArray | null\n\n  while ((match = attrPattern.exec(rawAttributes)) !== null) {\n    const [, name, doubleQuotedValue, singleQuotedValue, unquotedValue] = match\n    const value = doubleQuotedValue ?? singleQuotedValue ?? unquotedValue ?? \"\"\n    const safeAttribute = sanitizeAttribute(tagName, name, value)\n    if (safeAttribute) attributes.push(safeAttribute)\n  }\n\n  if (tagName === \"a\" && attributes.some((attr) => attr.startsWith(\"href=\"))) {\n    attributes.push('target=\"_blank\"', 'rel=\"noopener noreferrer\"')\n  }\n\n  return attributes.length ? ` ${attributes.join(\" \")}` : \"\"\n}\n\nfunction findTagEnd(html: string, startIndex: number): number {\n  let quote: '\"' | \"'\" | null = null\n\n  for (let i = startIndex + 1; i < html.length; i += 1) {\n    const char = html[i]\n    if (quote) {\n      if (char === quote) quote = null\n      continue\n    }\n\n    if (char === '\"' || char === \"'\") {\n      quote = char\n      continue\n    }\n\n    if (char === \">\") return i\n  }\n\n  return -1\n}\n\nfunction parseTag(rawTag: string): { closing: boolean; name: string; attributes: string } | null {\n  const match = rawTag.match(/^<\\s*(\\/)?\\s*([A-Za-z][A-Za-z0-9:-]*)\\b([\\s\\S]*?)\\/?>$/)\n  if (!match) return null\n\n  return {\n    closing: !!match[1],\n    name: match[2].toLowerCase(),\n    attributes: match[3] ?? \"\",\n  }\n}\n\nfunction findDangerousClose(html: string, tagName: string, fromIndex: number): number {\n  const closePattern = new RegExp(`</\\\\s*${tagName}\\\\s*>`, \"ig\")\n  closePattern.lastIndex = fromIndex\n  const match = closePattern.exec(html)\n  return match ? closePattern.lastIndex : -1\n}\n\n/**\n * Conservative, deterministic sanitizer for user/email supplied HTML rendered by\n * design-system components. It keeps common email formatting tags while removing\n * executable tags, event handlers, inline styles, and unsafe URLs. This stays\n * dependency-free for the shared package and intentionally favors stripping\n * ambiguous email content over preserving every possible HTML feature.\n */\nexport function sanitizeHtml(html: string): string {\n  let output = \"\"\n  let cursor = 0\n\n  while (cursor < html.length) {\n    const tagStart = html.indexOf(\"<\", cursor)\n    if (tagStart === -1) {\n      output += html.slice(cursor)\n      break\n    }\n\n    output += html.slice(cursor, tagStart)\n\n    if (html.startsWith(\"<!--\", tagStart)) {\n      const commentEnd = html.indexOf(\"-->\", tagStart + 4)\n      cursor = commentEnd === -1 ? html.length : commentEnd + 3\n      continue\n    }\n\n    const tagEnd = findTagEnd(html, tagStart)\n    if (tagEnd === -1) {\n      output += escapeHtml(html.slice(tagStart))\n      break\n    }\n\n    const rawTag = html.slice(tagStart, tagEnd + 1)\n    const parsed = parseTag(rawTag)\n    if (!parsed) {\n      cursor = tagEnd + 1\n      continue\n    }\n\n    if (DANGEROUS_BLOCK_TAGS.has(parsed.name)) {\n      const closeEnd = parsed.closing ? -1 : findDangerousClose(html, parsed.name, tagEnd + 1)\n      cursor = closeEnd === -1 ? tagEnd + 1 : closeEnd\n      continue\n    }\n\n    if (ALLOWED_TAGS.has(parsed.name)) {\n      if (parsed.closing) {\n        if (!VOID_TAGS.has(parsed.name)) output += `</${parsed.name}>`\n      } else {\n        output += `<${parsed.name}${sanitizeAttributes(parsed.name, parsed.attributes)}>`\n      }\n    }\n\n    cursor = tagEnd + 1\n  }\n\n  return output\n}\n\nexport function htmlToTextSnippet(html: string, maxLength = 140): string {\n  return sanitizeHtml(html)\n    .replace(/<[^>]+>/g, \" \")\n    .replace(/\\s+/g, \" \")\n    .trim()\n    .slice(0, maxLength)\n}\n"],"mappings":"AAAA,MAAM,uBAAuB,oBAAI,IAAI;AAAA,EACnC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAED,MAAM,eAAe,oBAAI,IAAI;AAAA,EAC3B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAED,MAAM,YAAY,oBAAI,IAAI,CAAC,MAAM,MAAM,KAAK,CAAC;AAC7C,MAAM,oBAAoB,oBAAI,IAAI,CAAC,cAAc,QAAQ,OAAO,CAAC;AACjE,MAAM,qBAAqB,oBAAI,IAAI,CAAC,SAAS,UAAU,WAAW,MAAM,CAAC;AAEzE,SAAS,WAAW,OAAuB;AACzC,SAAO,MACJ,QAAQ,MAAM,OAAO,EACrB,QAAQ,MAAM,MAAM,EACpB,QAAQ,MAAM,MAAM;AACzB;AAEA,SAAS,gBAAgB,OAAuB;AAC9C,SAAO,WAAW,KAAK,EAAE,QAAQ,MAAM,QAAQ;AACjD;AAEA,SAAS,cAAc,OAAuB;AAC5C,SAAO,OAAO,UAAU,KAAK,KAAK,SAAS,KAAK,SAAS,UAAW,OAAO,cAAc,KAAK,IAAI;AACpG;AAEA,SAAS,mBAAmB,OAAuB;AACjD,QAAM,gBAAwC;AAAA,IAC5C,KAAK;AAAA,IACL,MAAM;AAAA,IACN,OAAO;AAAA,IACP,IAAI;AAAA,IACJ,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,MAAM;AAAA,IACN,KAAK;AAAA,EACP;AAEA,MAAI,UAAU;AACd,WAAS,IAAI,GAAG,IAAI,GAAG,KAAK,GAAG;AAC7B,UAAM,OAAO,QACV,QAAQ,sBAAsB,CAAC,QAAQ,QAAgB;AACtD,YAAM,YAAY,OAAO,SAAS,KAAK,EAAE;AACzC,aAAO,cAAc,SAAS;AAAA,IAChC,CAAC,EACA,QAAQ,cAAc,CAAC,QAAQ,YAAoB;AAClD,YAAM,YAAY,OAAO,SAAS,SAAS,EAAE;AAC7C,aAAO,cAAc,SAAS;AAAA,IAChC,CAAC,EACA,QAAQ,gBAAgB,CAAC,OAAO,SAAc;AArFrD;AAqFwD,iCAAc,KAAK,YAAY,CAAC,MAAhC,YAAqC;AAAA,KAAK;AAE9F,QAAI,SAAS,QAAS,QAAO;AAC7B,cAAU;AAAA,EACZ;AAEA,SAAO;AACT;AAEA,SAAS,UAAU,OAAwB;AACzC,QAAM,UAAU,mBAAmB,KAAK,EAAE,QAAQ,6BAA6B,EAAE,EAAE,KAAK;AACxF,MAAI,CAAC,QAAS,QAAO;AACrB,MAAI,QAAQ,WAAW,IAAI,EAAG,QAAO;AACrC,MAAI,QAAQ,WAAW,GAAG,KAAK,QAAQ,WAAW,GAAG,KAAK,QAAQ,WAAW,IAAI,KAAK,QAAQ,WAAW,KAAK,GAAG;AAC/G,WAAO;AAAA,EACT;AAEA,MAAI;AACF,WAAO,mBAAmB,IAAI,IAAI,IAAI,SAAS,uBAAuB,EAAE,QAAQ;AAAA,EAClF,SAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,SAAS,kBAAkB,OAA8B;AACvD,QAAM,aAAa,MAChB,MAAM,KAAK,EACX,IAAI,CAAC,UAAU,MAAM,KAAK,CAAC,EAC3B,OAAO,CAAC,UAAU,mBAAmB,KAAK,KAAK,CAAC;AAEnD,SAAO,WAAW,SAAS,WAAW,KAAK,GAAG,IAAI;AACpD;AAEA,SAAS,kBAAkB,SAAiB,MAAc,OAA8B;AACtF,QAAM,OAAO,KAAK,YAAY;AAE9B,MACE,KAAK,WAAW,IAAI,KACpB,SAAS,WACT,SAAS,YACT,SAAS,gBACT,SAAS,gBACT,SAAS,SACT;AACA,WAAO;AAAA,EACT;AAEA,MAAI,SAAS,SAAS;AACpB,UAAM,gBAAgB,kBAAkB,KAAK;AAC7C,WAAO,gBAAgB,UAAU,gBAAgB,aAAa,CAAC,MAAM;AAAA,EACvE;AAEA,MAAI,kBAAkB,IAAI,IAAI,KAAK,KAAK,WAAW,OAAO,GAAG;AAC3D,WAAO,GAAG,IAAI,KAAK,gBAAgB,KAAK,CAAC;AAAA,EAC3C;AAEA,MAAI,YAAY,OAAO,SAAS,UAAU,UAAU,KAAK,GAAG;AAC1D,WAAO,SAAS,gBAAgB,KAAK,CAAC;AAAA,EACxC;AAEA,MAAI,YAAY,SAAS,SAAS,SAAS,UAAU,KAAK,GAAG;AAC3D,WAAO,QAAQ,gBAAgB,KAAK,CAAC;AAAA,EACvC;AAEA,MAAI,YAAY,UAAU,SAAS,SAAS,SAAS,WAAW,SAAS,WAAW;AAClF,WAAO,GAAG,IAAI,KAAK,gBAAgB,KAAK,CAAC;AAAA,EAC3C;AAEA,OAAK,YAAY,QAAQ,YAAY,UAAU,SAAS,aAAa,SAAS,YAAY;AACxF,WAAO,GAAG,IAAI,KAAK,gBAAgB,KAAK,CAAC;AAAA,EAC3C;AAEA,SAAO;AACT;AAEA,SAAS,mBAAmB,SAAiB,gBAAgB,IAAY;AAhKzE;AAiKE,QAAM,aAAuB,CAAC;AAC9B,QAAM,cAAc;AACpB,MAAI;AAEJ,UAAQ,QAAQ,YAAY,KAAK,aAAa,OAAO,MAAM;AACzD,UAAM,CAAC,EAAE,MAAM,mBAAmB,mBAAmB,aAAa,IAAI;AACtE,UAAM,SAAQ,2DAAqB,sBAArB,YAA0C,kBAA1C,YAA2D;AACzE,UAAM,gBAAgB,kBAAkB,SAAS,MAAM,KAAK;AAC5D,QAAI,cAAe,YAAW,KAAK,aAAa;AAAA,EAClD;AAEA,MAAI,YAAY,OAAO,WAAW,KAAK,CAAC,SAAS,KAAK,WAAW,OAAO,CAAC,GAAG;AAC1E,eAAW,KAAK,mBAAmB,2BAA2B;AAAA,EAChE;AAEA,SAAO,WAAW,SAAS,IAAI,WAAW,KAAK,GAAG,CAAC,KAAK;AAC1D;AAEA,SAAS,WAAW,MAAc,YAA4B;AAC5D,MAAI,QAA0B;AAE9B,WAAS,IAAI,aAAa,GAAG,IAAI,KAAK,QAAQ,KAAK,GAAG;AACpD,UAAM,OAAO,KAAK,CAAC;AACnB,QAAI,OAAO;AACT,UAAI,SAAS,MAAO,SAAQ;AAC5B;AAAA,IACF;AAEA,QAAI,SAAS,OAAO,SAAS,KAAK;AAChC,cAAQ;AACR;AAAA,IACF;AAEA,QAAI,SAAS,IAAK,QAAO;AAAA,EAC3B;AAEA,SAAO;AACT;AAEA,SAAS,SAAS,QAA+E;AAxMjG;AAyME,QAAM,QAAQ,OAAO,MAAM,wDAAwD;AACnF,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO;AAAA,IACL,SAAS,CAAC,CAAC,MAAM,CAAC;AAAA,IAClB,MAAM,MAAM,CAAC,EAAE,YAAY;AAAA,IAC3B,aAAY,WAAM,CAAC,MAAP,YAAY;AAAA,EAC1B;AACF;AAEA,SAAS,mBAAmB,MAAc,SAAiB,WAA2B;AACpF,QAAM,eAAe,IAAI,OAAO,SAAS,OAAO,SAAS,IAAI;AAC7D,eAAa,YAAY;AACzB,QAAM,QAAQ,aAAa,KAAK,IAAI;AACpC,SAAO,QAAQ,aAAa,YAAY;AAC1C;AASO,SAAS,aAAa,MAAsB;AACjD,MAAI,SAAS;AACb,MAAI,SAAS;AAEb,SAAO,SAAS,KAAK,QAAQ;AAC3B,UAAM,WAAW,KAAK,QAAQ,KAAK,MAAM;AACzC,QAAI,aAAa,IAAI;AACnB,gBAAU,KAAK,MAAM,MAAM;AAC3B;AAAA,IACF;AAEA,cAAU,KAAK,MAAM,QAAQ,QAAQ;AAErC,QAAI,KAAK,WAAW,QAAQ,QAAQ,GAAG;AACrC,YAAM,aAAa,KAAK,QAAQ,OAAO,WAAW,CAAC;AACnD,eAAS,eAAe,KAAK,KAAK,SAAS,aAAa;AACxD;AAAA,IACF;AAEA,UAAM,SAAS,WAAW,MAAM,QAAQ;AACxC,QAAI,WAAW,IAAI;AACjB,gBAAU,WAAW,KAAK,MAAM,QAAQ,CAAC;AACzC;AAAA,IACF;AAEA,UAAM,SAAS,KAAK,MAAM,UAAU,SAAS,CAAC;AAC9C,UAAM,SAAS,SAAS,MAAM;AAC9B,QAAI,CAAC,QAAQ;AACX,eAAS,SAAS;AAClB;AAAA,IACF;AAEA,QAAI,qBAAqB,IAAI,OAAO,IAAI,GAAG;AACzC,YAAM,WAAW,OAAO,UAAU,KAAK,mBAAmB,MAAM,OAAO,MAAM,SAAS,CAAC;AACvF,eAAS,aAAa,KAAK,SAAS,IAAI;AACxC;AAAA,IACF;AAEA,QAAI,aAAa,IAAI,OAAO,IAAI,GAAG;AACjC,UAAI,OAAO,SAAS;AAClB,YAAI,CAAC,UAAU,IAAI,OAAO,IAAI,EAAG,WAAU,KAAK,OAAO,IAAI;AAAA,MAC7D,OAAO;AACL,kBAAU,IAAI,OAAO,IAAI,GAAG,mBAAmB,OAAO,MAAM,OAAO,UAAU,CAAC;AAAA,MAChF;AAAA,IACF;AAEA,aAAS,SAAS;AAAA,EACpB;AAEA,SAAO;AACT;AAEO,SAAS,kBAAkB,MAAc,YAAY,KAAa;AACvE,SAAO,aAAa,IAAI,EACrB,QAAQ,YAAY,GAAG,EACvB,QAAQ,QAAQ,GAAG,EACnB,KAAK,EACL,MAAM,GAAG,SAAS;AACvB;","names":[]}
+{"version":3,"sources":["../../src/internal/safe-html.ts"],"sourcesContent":["const DANGEROUS_BLOCK_TAGS = new Set([\n  \"script\",\n  \"style\",\n  \"iframe\",\n  \"object\",\n  \"embed\",\n  \"svg\",\n  \"math\",\n  \"template\",\n  \"noscript\",\n  \"textarea\",\n  \"select\",\n])\n\nconst ALLOWED_TAGS = new Set([\n  \"a\",\n  \"b\",\n  \"blockquote\",\n  \"br\",\n  \"code\",\n  \"del\",\n  \"div\",\n  \"em\",\n  \"hr\",\n  \"i\",\n  \"img\",\n  \"li\",\n  \"ol\",\n  \"p\",\n  \"pre\",\n  \"s\",\n  \"span\",\n  \"strong\",\n  \"sub\",\n  \"sup\",\n  \"table\",\n  \"tbody\",\n  \"td\",\n  \"th\",\n  \"thead\",\n  \"tr\",\n  \"u\",\n  \"ul\",\n])\n\nconst VOID_TAGS = new Set([\"br\", \"hr\", \"img\"])\nconst SAFE_GLOBAL_ATTRS = new Set([\"aria-label\", \"dir\", \"lang\", \"role\", \"title\"])\nconst SAFE_URL_PROTOCOLS = new Set([\"http:\", \"https:\", \"mailto:\", \"tel:\"])\n\nfunction escapeHtml(value: string): string {\n  return value\n    .replace(/&/g, \"&amp;\")\n    .replace(/</g, \"&lt;\")\n    .replace(/>/g, \"&gt;\")\n}\n\nfunction escapeAttribute(value: string): string {\n  return escapeHtml(value).replace(/\"/g, \"&quot;\")\n}\n\nfunction safeCodePoint(value: number): string {\n  return Number.isInteger(value) && value >= 0 && value <= 0x10ffff ? String.fromCodePoint(value) : \"\"\n}\n\nfunction decodeHtmlEntities(value: string): string {\n  const namedEntities: Record<string, string> = {\n    amp: \"&\",\n    apos: \"'\",\n    colon: \":\",\n    gt: \">\",\n    lt: \"<\",\n    newline: \"\\n\",\n    quot: '\"',\n    tab: \"\\t\",\n  }\n\n  let decoded = value\n  for (let i = 0; i < 4; i += 1) {\n    const next = decoded\n      .replace(/&#x([0-9a-f]+);?/gi, (_match, hex: string) => {\n        const codePoint = Number.parseInt(hex, 16)\n        return safeCodePoint(codePoint)\n      })\n      .replace(/&#(\\d+);?/g, (_match, decimal: string) => {\n        const codePoint = Number.parseInt(decimal, 10)\n        return safeCodePoint(codePoint)\n      })\n      .replace(/&([a-z]+);/gi, (match, name: string) => namedEntities[name.toLowerCase()] ?? match)\n\n    if (next === decoded) return decoded\n    decoded = next\n  }\n\n  return decoded\n}\n\nfunction isSafeUrl(value: string): boolean {\n  const decoded = decodeHtmlEntities(value).replace(/[\\u0000-\\u001f\\u007f\\s]+/g, \"\").trim()\n  if (!decoded) return false\n  if (decoded.startsWith(\"//\")) return false\n  if (decoded.startsWith(\"#\") || decoded.startsWith(\"/\") || decoded.startsWith(\"./\") || decoded.startsWith(\"../\")) {\n    return true\n  }\n\n  try {\n    return SAFE_URL_PROTOCOLS.has(new URL(decoded, \"https://handled.local\").protocol)\n  } catch {\n    return false\n  }\n}\n\nfunction sanitizeClassName(value: string): string | null {\n  const safeTokens = value\n    .split(/\\s+/)\n    .map((token) => token.trim())\n    .filter((token) => /^[A-Za-z0-9_-]+$/.test(token))\n\n  return safeTokens.length ? safeTokens.join(\" \") : null\n}\n\nfunction sanitizeDimension(value: string): string | null {\n  const trimmed = value.trim()\n  if (/^\\d{1,4}$/.test(trimmed)) return trimmed\n  return null\n}\n\nfunction sanitizeLanguage(value: string): string | null {\n  const trimmed = value.trim()\n  if (/^[A-Za-z]{1,8}(?:-[A-Za-z0-9]{1,8})*$/.test(trimmed)) return trimmed\n  return null\n}\n\nfunction sanitizeDirection(value: string): string | null {\n  const trimmed = value.trim().toLowerCase()\n  return trimmed === \"ltr\" || trimmed === \"rtl\" || trimmed === \"auto\" ? trimmed : null\n}\n\nfunction sanitizeFontSize(value: string): string | null {\n  const trimmed = value.trim().toLowerCase()\n  const match = trimmed.match(/^(\\d+(?:\\.\\d+)?)(px|em|rem|%)$/)\n  if (!match) return null\n\n  const amount = Number.parseFloat(match[1])\n  const unit = match[2]\n  const maxByUnit: Record<string, number> = { px: 72, em: 4, rem: 4, \"%\": 400 }\n  if (!Number.isFinite(amount) || amount <= 0 || amount > maxByUnit[unit]) return null\n  return `${amount}${unit}`\n}\n\nfunction sanitizeStyle(value: string): string | null {\n  const declarations: string[] = []\n\n  for (const rawDeclaration of value.split(\";\")) {\n    const separatorIndex = rawDeclaration.indexOf(\":\")\n    if (separatorIndex === -1) continue\n\n    const property = rawDeclaration.slice(0, separatorIndex).trim().toLowerCase()\n    const rawValue = decodeHtmlEntities(rawDeclaration.slice(separatorIndex + 1)).trim().toLowerCase()\n    if (!property || !rawValue || /url\\s*\\(|expression\\s*\\(/i.test(rawValue)) continue\n\n    if (property === \"vertical-align\" && (rawValue === \"super\" || rawValue === \"sub\")) {\n      declarations.push(`vertical-align: ${rawValue}`)\n      continue\n    }\n\n    if (property === \"font-size\") {\n      const fontSize = sanitizeFontSize(rawValue)\n      if (fontSize) declarations.push(`font-size: ${fontSize}`)\n    }\n  }\n\n  return declarations.length ? declarations.join(\"; \") : null\n}\n\nfunction sanitizeAttribute(tagName: string, name: string, value: string): string | null {\n  const attr = name.toLowerCase()\n\n  if (\n    attr.startsWith(\"on\") ||\n    attr === \"srcdoc\" ||\n    attr === \"formaction\" ||\n    attr === \"xlink:href\" ||\n    attr === \"xmlns\"\n  ) {\n    return null\n  }\n\n  if (attr === \"style\") {\n    const safeStyle = sanitizeStyle(value)\n    return safeStyle ? `style=\"${escapeAttribute(safeStyle)}\"` : null\n  }\n\n  if (attr === \"class\") {\n    const safeClassName = sanitizeClassName(value)\n    return safeClassName ? `class=\"${escapeAttribute(safeClassName)}\"` : null\n  }\n\n  if (attr === \"dir\") {\n    const safeDirection = sanitizeDirection(value)\n    return safeDirection ? `dir=\"${escapeAttribute(safeDirection)}\"` : null\n  }\n\n  if (attr === \"lang\") {\n    const safeLanguage = sanitizeLanguage(value)\n    return safeLanguage ? `lang=\"${escapeAttribute(safeLanguage)}\"` : null\n  }\n\n  if (SAFE_GLOBAL_ATTRS.has(attr) || attr.startsWith(\"aria-\")) {\n    return `${attr}=\"${escapeAttribute(value)}\"`\n  }\n\n  if (tagName === \"a\" && attr === \"href\" && isSafeUrl(value)) {\n    return `href=\"${escapeAttribute(value)}\"`\n  }\n\n  if (tagName === \"img\" && attr === \"src\" && isSafeUrl(value)) {\n    return `src=\"${escapeAttribute(value)}\"`\n  }\n\n  if (tagName === \"img\" && attr === \"alt\") {\n    return `${attr}=\"${escapeAttribute(value)}\"`\n  }\n\n  if (tagName === \"img\" && (attr === \"width\" || attr === \"height\")) {\n    const safeDimension = sanitizeDimension(value)\n    return safeDimension ? `${attr}=\"${escapeAttribute(safeDimension)}\"` : null\n  }\n\n  if ((tagName === \"td\" || tagName === \"th\") && (attr === \"colspan\" || attr === \"rowspan\")) {\n    return `${attr}=\"${escapeAttribute(value)}\"`\n  }\n\n  return null\n}\n\nfunction sanitizeAttributes(tagName: string, rawAttributes = \"\"): string {\n  const attributes: string[] = []\n  const attrPattern = /([A-Za-z_:][-A-Za-z0-9_:.]*)(?:\\s*=\\s*(?:\"([^\"]*)\"|'([^']*)'|([^\\s\"'=<>`]+)))?/g\n  let match: RegExpExecArray | null\n\n  while ((match = attrPattern.exec(rawAttributes)) !== null) {\n    const [, name, doubleQuotedValue, singleQuotedValue, unquotedValue] = match\n    const value = doubleQuotedValue ?? singleQuotedValue ?? unquotedValue ?? \"\"\n    const safeAttribute = sanitizeAttribute(tagName, name, value)\n    if (safeAttribute) attributes.push(safeAttribute)\n  }\n\n  if (tagName === \"a\" && attributes.some((attr) => attr.startsWith(\"href=\"))) {\n    attributes.push('target=\"_blank\"', 'rel=\"noopener noreferrer\"')\n  }\n\n  return attributes.length ? ` ${attributes.join(\" \")}` : \"\"\n}\n\nfunction findTagEnd(html: string, startIndex: number): number {\n  let quote: '\"' | \"'\" | null = null\n\n  for (let i = startIndex + 1; i < html.length; i += 1) {\n    const char = html[i]\n    if (quote) {\n      if (char === quote) quote = null\n      continue\n    }\n\n    if (char === '\"' || char === \"'\") {\n      quote = char\n      continue\n    }\n\n    if (char === \">\") return i\n  }\n\n  return -1\n}\n\nfunction parseTag(rawTag: string): { closing: boolean; name: string; attributes: string } | null {\n  const match = rawTag.match(/^<\\s*(\\/)?\\s*([A-Za-z][A-Za-z0-9:-]*)\\b([\\s\\S]*?)\\/?>$/)\n  if (!match) return null\n\n  return {\n    closing: !!match[1],\n    name: match[2].toLowerCase(),\n    attributes: match[3] ?? \"\",\n  }\n}\n\nfunction findDangerousClose(html: string, tagName: string, fromIndex: number): number {\n  const closePattern = new RegExp(`</\\\\s*${tagName}\\\\s*>`, \"ig\")\n  closePattern.lastIndex = fromIndex\n  const match = closePattern.exec(html)\n  return match ? closePattern.lastIndex : -1\n}\n\n/**\n * Conservative, deterministic sanitizer for user/email supplied HTML rendered by\n * design-system components. It keeps common email formatting tags while removing\n * executable tags, event handlers, unsafe inline styles, and unsafe URLs. This stays\n * dependency-free for the shared package and intentionally favors stripping\n * ambiguous email content over preserving every possible HTML feature.\n */\nexport function sanitizeHtml(html: string): string {\n  let output = \"\"\n  let cursor = 0\n\n  while (cursor < html.length) {\n    const tagStart = html.indexOf(\"<\", cursor)\n    if (tagStart === -1) {\n      output += html.slice(cursor)\n      break\n    }\n\n    output += html.slice(cursor, tagStart)\n\n    if (html.startsWith(\"<!--\", tagStart)) {\n      const commentEnd = html.indexOf(\"-->\", tagStart + 4)\n      cursor = commentEnd === -1 ? html.length : commentEnd + 3\n      continue\n    }\n\n    const tagEnd = findTagEnd(html, tagStart)\n    if (tagEnd === -1) {\n      output += escapeHtml(html.slice(tagStart))\n      break\n    }\n\n    const rawTag = html.slice(tagStart, tagEnd + 1)\n    const parsed = parseTag(rawTag)\n    if (!parsed) {\n      cursor = tagEnd + 1\n      continue\n    }\n\n    if (DANGEROUS_BLOCK_TAGS.has(parsed.name)) {\n      const closeEnd = parsed.closing ? -1 : findDangerousClose(html, parsed.name, tagEnd + 1)\n      cursor = closeEnd === -1 ? tagEnd + 1 : closeEnd\n      continue\n    }\n\n    if (ALLOWED_TAGS.has(parsed.name)) {\n      if (parsed.closing) {\n        if (!VOID_TAGS.has(parsed.name)) output += `</${parsed.name}>`\n      } else {\n        output += `<${parsed.name}${sanitizeAttributes(parsed.name, parsed.attributes)}>`\n      }\n    }\n\n    cursor = tagEnd + 1\n  }\n\n  return output\n}\n\nexport function htmlToTextSnippet(html: string, maxLength = 140): string {\n  return sanitizeHtml(html)\n    .replace(/<[^>]+>/g, \" \")\n    .replace(/\\s+/g, \" \")\n    .trim()\n    .slice(0, maxLength)\n}\n"],"mappings":"AAAA,MAAM,uBAAuB,oBAAI,IAAI;AAAA,EACnC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAED,MAAM,eAAe,oBAAI,IAAI;AAAA,EAC3B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAED,MAAM,YAAY,oBAAI,IAAI,CAAC,MAAM,MAAM,KAAK,CAAC;AAC7C,MAAM,oBAAoB,oBAAI,IAAI,CAAC,cAAc,OAAO,QAAQ,QAAQ,OAAO,CAAC;AAChF,MAAM,qBAAqB,oBAAI,IAAI,CAAC,SAAS,UAAU,WAAW,MAAM,CAAC;AAEzE,SAAS,WAAW,OAAuB;AACzC,SAAO,MACJ,QAAQ,MAAM,OAAO,EACrB,QAAQ,MAAM,MAAM,EACpB,QAAQ,MAAM,MAAM;AACzB;AAEA,SAAS,gBAAgB,OAAuB;AAC9C,SAAO,WAAW,KAAK,EAAE,QAAQ,MAAM,QAAQ;AACjD;AAEA,SAAS,cAAc,OAAuB;AAC5C,SAAO,OAAO,UAAU,KAAK,KAAK,SAAS,KAAK,SAAS,UAAW,OAAO,cAAc,KAAK,IAAI;AACpG;AAEA,SAAS,mBAAmB,OAAuB;AACjD,QAAM,gBAAwC;AAAA,IAC5C,KAAK;AAAA,IACL,MAAM;AAAA,IACN,OAAO;AAAA,IACP,IAAI;AAAA,IACJ,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,MAAM;AAAA,IACN,KAAK;AAAA,EACP;AAEA,MAAI,UAAU;AACd,WAAS,IAAI,GAAG,IAAI,GAAG,KAAK,GAAG;AAC7B,UAAM,OAAO,QACV,QAAQ,sBAAsB,CAAC,QAAQ,QAAgB;AACtD,YAAM,YAAY,OAAO,SAAS,KAAK,EAAE;AACzC,aAAO,cAAc,SAAS;AAAA,IAChC,CAAC,EACA,QAAQ,cAAc,CAAC,QAAQ,YAAoB;AAClD,YAAM,YAAY,OAAO,SAAS,SAAS,EAAE;AAC7C,aAAO,cAAc,SAAS;AAAA,IAChC,CAAC,EACA,QAAQ,gBAAgB,CAAC,OAAO,SAAc;AAvFrD;AAuFwD,iCAAc,KAAK,YAAY,CAAC,MAAhC,YAAqC;AAAA,KAAK;AAE9F,QAAI,SAAS,QAAS,QAAO;AAC7B,cAAU;AAAA,EACZ;AAEA,SAAO;AACT;AAEA,SAAS,UAAU,OAAwB;AACzC,QAAM,UAAU,mBAAmB,KAAK,EAAE,QAAQ,6BAA6B,EAAE,EAAE,KAAK;AACxF,MAAI,CAAC,QAAS,QAAO;AACrB,MAAI,QAAQ,WAAW,IAAI,EAAG,QAAO;AACrC,MAAI,QAAQ,WAAW,GAAG,KAAK,QAAQ,WAAW,GAAG,KAAK,QAAQ,WAAW,IAAI,KAAK,QAAQ,WAAW,KAAK,GAAG;AAC/G,WAAO;AAAA,EACT;AAEA,MAAI;AACF,WAAO,mBAAmB,IAAI,IAAI,IAAI,SAAS,uBAAuB,EAAE,QAAQ;AAAA,EAClF,SAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,SAAS,kBAAkB,OAA8B;AACvD,QAAM,aAAa,MAChB,MAAM,KAAK,EACX,IAAI,CAAC,UAAU,MAAM,KAAK,CAAC,EAC3B,OAAO,CAAC,UAAU,mBAAmB,KAAK,KAAK,CAAC;AAEnD,SAAO,WAAW,SAAS,WAAW,KAAK,GAAG,IAAI;AACpD;AAEA,SAAS,kBAAkB,OAA8B;AACvD,QAAM,UAAU,MAAM,KAAK;AAC3B,MAAI,YAAY,KAAK,OAAO,EAAG,QAAO;AACtC,SAAO;AACT;AAEA,SAAS,iBAAiB,OAA8B;AACtD,QAAM,UAAU,MAAM,KAAK;AAC3B,MAAI,wCAAwC,KAAK,OAAO,EAAG,QAAO;AAClE,SAAO;AACT;AAEA,SAAS,kBAAkB,OAA8B;AACvD,QAAM,UAAU,MAAM,KAAK,EAAE,YAAY;AACzC,SAAO,YAAY,SAAS,YAAY,SAAS,YAAY,SAAS,UAAU;AAClF;AAEA,SAAS,iBAAiB,OAA8B;AACtD,QAAM,UAAU,MAAM,KAAK,EAAE,YAAY;AACzC,QAAM,QAAQ,QAAQ,MAAM,gCAAgC;AAC5D,MAAI,CAAC,MAAO,QAAO;AAEnB,QAAM,SAAS,OAAO,WAAW,MAAM,CAAC,CAAC;AACzC,QAAM,OAAO,MAAM,CAAC;AACpB,QAAM,YAAoC,EAAE,IAAI,IAAI,IAAI,GAAG,KAAK,GAAG,KAAK,IAAI;AAC5E,MAAI,CAAC,OAAO,SAAS,MAAM,KAAK,UAAU,KAAK,SAAS,UAAU,IAAI,EAAG,QAAO;AAChF,SAAO,GAAG,MAAM,GAAG,IAAI;AACzB;AAEA,SAAS,cAAc,OAA8B;AACnD,QAAM,eAAyB,CAAC;AAEhC,aAAW,kBAAkB,MAAM,MAAM,GAAG,GAAG;AAC7C,UAAM,iBAAiB,eAAe,QAAQ,GAAG;AACjD,QAAI,mBAAmB,GAAI;AAE3B,UAAM,WAAW,eAAe,MAAM,GAAG,cAAc,EAAE,KAAK,EAAE,YAAY;AAC5E,UAAM,WAAW,mBAAmB,eAAe,MAAM,iBAAiB,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY;AACjG,QAAI,CAAC,YAAY,CAAC,YAAY,4BAA4B,KAAK,QAAQ,EAAG;AAE1E,QAAI,aAAa,qBAAqB,aAAa,WAAW,aAAa,QAAQ;AACjF,mBAAa,KAAK,mBAAmB,QAAQ,EAAE;AAC/C;AAAA,IACF;AAEA,QAAI,aAAa,aAAa;AAC5B,YAAM,WAAW,iBAAiB,QAAQ;AAC1C,UAAI,SAAU,cAAa,KAAK,cAAc,QAAQ,EAAE;AAAA,IAC1D;AAAA,EACF;AAEA,SAAO,aAAa,SAAS,aAAa,KAAK,IAAI,IAAI;AACzD;AAEA,SAAS,kBAAkB,SAAiB,MAAc,OAA8B;AACtF,QAAM,OAAO,KAAK,YAAY;AAE9B,MACE,KAAK,WAAW,IAAI,KACpB,SAAS,YACT,SAAS,gBACT,SAAS,gBACT,SAAS,SACT;AACA,WAAO;AAAA,EACT;AAEA,MAAI,SAAS,SAAS;AACpB,UAAM,YAAY,cAAc,KAAK;AACrC,WAAO,YAAY,UAAU,gBAAgB,SAAS,CAAC,MAAM;AAAA,EAC/D;AAEA,MAAI,SAAS,SAAS;AACpB,UAAM,gBAAgB,kBAAkB,KAAK;AAC7C,WAAO,gBAAgB,UAAU,gBAAgB,aAAa,CAAC,MAAM;AAAA,EACvE;AAEA,MAAI,SAAS,OAAO;AAClB,UAAM,gBAAgB,kBAAkB,KAAK;AAC7C,WAAO,gBAAgB,QAAQ,gBAAgB,aAAa,CAAC,MAAM;AAAA,EACrE;AAEA,MAAI,SAAS,QAAQ;AACnB,UAAM,eAAe,iBAAiB,KAAK;AAC3C,WAAO,eAAe,SAAS,gBAAgB,YAAY,CAAC,MAAM;AAAA,EACpE;AAEA,MAAI,kBAAkB,IAAI,IAAI,KAAK,KAAK,WAAW,OAAO,GAAG;AAC3D,WAAO,GAAG,IAAI,KAAK,gBAAgB,KAAK,CAAC;AAAA,EAC3C;AAEA,MAAI,YAAY,OAAO,SAAS,UAAU,UAAU,KAAK,GAAG;AAC1D,WAAO,SAAS,gBAAgB,KAAK,CAAC;AAAA,EACxC;AAEA,MAAI,YAAY,SAAS,SAAS,SAAS,UAAU,KAAK,GAAG;AAC3D,WAAO,QAAQ,gBAAgB,KAAK,CAAC;AAAA,EACvC;AAEA,MAAI,YAAY,SAAS,SAAS,OAAO;AACvC,WAAO,GAAG,IAAI,KAAK,gBAAgB,KAAK,CAAC;AAAA,EAC3C;AAEA,MAAI,YAAY,UAAU,SAAS,WAAW,SAAS,WAAW;AAChE,UAAM,gBAAgB,kBAAkB,KAAK;AAC7C,WAAO,gBAAgB,GAAG,IAAI,KAAK,gBAAgB,aAAa,CAAC,MAAM;AAAA,EACzE;AAEA,OAAK,YAAY,QAAQ,YAAY,UAAU,SAAS,aAAa,SAAS,YAAY;AACxF,WAAO,GAAG,IAAI,KAAK,gBAAgB,KAAK,CAAC;AAAA,EAC3C;AAEA,SAAO;AACT;AAEA,SAAS,mBAAmB,SAAiB,gBAAgB,IAAY;AA3OzE;AA4OE,QAAM,aAAuB,CAAC;AAC9B,QAAM,cAAc;AACpB,MAAI;AAEJ,UAAQ,QAAQ,YAAY,KAAK,aAAa,OAAO,MAAM;AACzD,UAAM,CAAC,EAAE,MAAM,mBAAmB,mBAAmB,aAAa,IAAI;AACtE,UAAM,SAAQ,2DAAqB,sBAArB,YAA0C,kBAA1C,YAA2D;AACzE,UAAM,gBAAgB,kBAAkB,SAAS,MAAM,KAAK;AAC5D,QAAI,cAAe,YAAW,KAAK,aAAa;AAAA,EAClD;AAEA,MAAI,YAAY,OAAO,WAAW,KAAK,CAAC,SAAS,KAAK,WAAW,OAAO,CAAC,GAAG;AAC1E,eAAW,KAAK,mBAAmB,2BAA2B;AAAA,EAChE;AAEA,SAAO,WAAW,SAAS,IAAI,WAAW,KAAK,GAAG,CAAC,KAAK;AAC1D;AAEA,SAAS,WAAW,MAAc,YAA4B;AAC5D,MAAI,QAA0B;AAE9B,WAAS,IAAI,aAAa,GAAG,IAAI,KAAK,QAAQ,KAAK,GAAG;AACpD,UAAM,OAAO,KAAK,CAAC;AACnB,QAAI,OAAO;AACT,UAAI,SAAS,MAAO,SAAQ;AAC5B;AAAA,IACF;AAEA,QAAI,SAAS,OAAO,SAAS,KAAK;AAChC,cAAQ;AACR;AAAA,IACF;AAEA,QAAI,SAAS,IAAK,QAAO;AAAA,EAC3B;AAEA,SAAO;AACT;AAEA,SAAS,SAAS,QAA+E;AAnRjG;AAoRE,QAAM,QAAQ,OAAO,MAAM,wDAAwD;AACnF,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO;AAAA,IACL,SAAS,CAAC,CAAC,MAAM,CAAC;AAAA,IAClB,MAAM,MAAM,CAAC,EAAE,YAAY;AAAA,IAC3B,aAAY,WAAM,CAAC,MAAP,YAAY;AAAA,EAC1B;AACF;AAEA,SAAS,mBAAmB,MAAc,SAAiB,WAA2B;AACpF,QAAM,eAAe,IAAI,OAAO,SAAS,OAAO,SAAS,IAAI;AAC7D,eAAa,YAAY;AACzB,QAAM,QAAQ,aAAa,KAAK,IAAI;AACpC,SAAO,QAAQ,aAAa,YAAY;AAC1C;AASO,SAAS,aAAa,MAAsB;AACjD,MAAI,SAAS;AACb,MAAI,SAAS;AAEb,SAAO,SAAS,KAAK,QAAQ;AAC3B,UAAM,WAAW,KAAK,QAAQ,KAAK,MAAM;AACzC,QAAI,aAAa,IAAI;AACnB,gBAAU,KAAK,MAAM,MAAM;AAC3B;AAAA,IACF;AAEA,cAAU,KAAK,MAAM,QAAQ,QAAQ;AAErC,QAAI,KAAK,WAAW,QAAQ,QAAQ,GAAG;AACrC,YAAM,aAAa,KAAK,QAAQ,OAAO,WAAW,CAAC;AACnD,eAAS,eAAe,KAAK,KAAK,SAAS,aAAa;AACxD;AAAA,IACF;AAEA,UAAM,SAAS,WAAW,MAAM,QAAQ;AACxC,QAAI,WAAW,IAAI;AACjB,gBAAU,WAAW,KAAK,MAAM,QAAQ,CAAC;AACzC;AAAA,IACF;AAEA,UAAM,SAAS,KAAK,MAAM,UAAU,SAAS,CAAC;AAC9C,UAAM,SAAS,SAAS,MAAM;AAC9B,QAAI,CAAC,QAAQ;AACX,eAAS,SAAS;AAClB;AAAA,IACF;AAEA,QAAI,qBAAqB,IAAI,OAAO,IAAI,GAAG;AACzC,YAAM,WAAW,OAAO,UAAU,KAAK,mBAAmB,MAAM,OAAO,MAAM,SAAS,CAAC;AACvF,eAAS,aAAa,KAAK,SAAS,IAAI;AACxC;AAAA,IACF;AAEA,QAAI,aAAa,IAAI,OAAO,IAAI,GAAG;AACjC,UAAI,OAAO,SAAS;AAClB,YAAI,CAAC,UAAU,IAAI,OAAO,IAAI,EAAG,WAAU,KAAK,OAAO,IAAI;AAAA,MAC7D,OAAO;AACL,kBAAU,IAAI,OAAO,IAAI,GAAG,mBAAmB,OAAO,MAAM,OAAO,UAAU,CAAC;AAAA,MAChF;AAAA,IACF;AAEA,aAAS,SAAS;AAAA,EACpB;AAEA,SAAO;AACT;AAEO,SAAS,kBAAkB,MAAc,YAAY,KAAa;AACvE,SAAO,aAAa,IAAI,EACrB,QAAQ,YAAY,GAAG,EACvB,QAAQ,QAAQ,GAAG,EACnB,KAAK,EACL,MAAM,GAAG,SAAS;AACvB;","names":[]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@handled-ai/design-system",
-  "version": "0.20.5",
+  "version": "0.20.7",
   "description": "Handled UI component library (shadcn-style, New York)",
   "type": "module",
   "packageManager": "pnpm@9.12.0",

package/src/components/__tests__/conversation-panel.test.tsx

@@ -7,6 +7,18 @@ import {
   type ConvParticipant,
 } from "../conversation-panel";
 
+
+function expectNoVisibleEscapeArtifacts(value: string) {
+  expect(value).not.toMatch(/&#(?:x[0-9a-f]+|\d+);?/i);
+  expect(value).not.toContain("&");
+  expect(value).not.toContain("<");
+  expect(value).not.toContain(">");
+  expect(value).not.toContain(""");
+  expect(value).not.toContain('\\"');
+  expect(value).not.toContain("\\'");
+  expect(value).not.toContain("\\n");
+}
+
 const me: ConvParticipant = { name: "Dana Okafor", email: "dana@handled.ai" };
 const priya: ConvParticipant = { name: "Priya Raman", email: "priya@northwind.io" };
 
@@ -196,14 +208,14 @@ describe("ConversationPanel", () => {
 
     const message = container.querySelector('[data-slot="conv-message"]')!;
     expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent).toContain("The updated invoice is attached.");
-    expect(message.querySelector('[data-slot="conv-message-details"]')).toBeNull();
+    expect(message.querySelector('[data-slot="email-body-details"]')).toBeNull();
     expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent).not.toContain("Confidentiality Notice");
 
-    fireEvent.click(screen.getByText("Show signature/details"));
+    fireEvent.click(screen.getByRole("button", { name: "•••" }));
 
-    expect(screen.getByText("Hide signature/details")).toBeDefined();
-    expect(message.querySelector('[data-slot="conv-message-details"]')?.textContent).toContain("Priya Raman");
-    expect(message.querySelector('[data-slot="conv-message-details"]')?.textContent).toContain("Confidentiality Notice");
+    expect(screen.getByRole("button", { name: "•••" })).toBeDefined();
+    expect(message.querySelector('[data-slot="email-body-details"]')?.textContent).toContain("Priya Raman");
+    expect(message.querySelector('[data-slot="email-body-details"]')?.textContent).toContain("Confidentiality Notice");
   });
 
   it("collapses trailing plain-text signatures while preserving line boundaries", () => {
@@ -224,14 +236,13 @@ describe("ConversationPanel", () => {
 
     const message = container.querySelector('[data-slot="conv-message"]')!;
     expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent).toContain("I can meet tomorrow at 2pm.");
-    expect(message.querySelector('[data-slot="conv-message-details"]')).toBeNull();
+    expect(message.querySelector('[data-slot="email-body-details"]')).toBeNull();
 
-    fireEvent.click(screen.getByText("Show signature/details"));
+    fireEvent.click(screen.getByRole("button", { name: "•••" }));
 
-    const details = message.querySelector('[data-slot="conv-message-details"]')!;
+    const details = message.querySelector('[data-slot="email-body-details"]')!;
     expect(details.textContent).toContain("Best,");
     expect(details.textContent).toContain("VP Sales, Northwind");
-    expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent?.endsWith("2pm.\n\n")).toBe(true);
     expect(details.textContent?.startsWith("Best,")).toBe(true);
   });
 
@@ -253,7 +264,7 @@ describe("ConversationPanel", () => {
     const message = container.querySelector('[data-slot="conv-message"]')!;
 
     expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent).toContain("Thanks for sending this over");
-    expect(screen.queryByText("Show signature/details")).toBeNull();
+    expect(screen.queryByRole("button", { name: "•••" })).toBeNull();
   });
 
   it("keeps trailing thanks comma sentence body visible", () => {
@@ -274,7 +285,7 @@ describe("ConversationPanel", () => {
     const message = container.querySelector('[data-slot="conv-message"]')!;
 
     expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent).toContain("Thanks, this helps us decide next steps.");
-    expect(screen.queryByText("Show signature/details")).toBeNull();
+    expect(screen.queryByRole("button", { name: "•••" })).toBeNull();
   });
 
   it("keeps trailing thank-you comma sentence body visible", () => {
@@ -295,7 +306,7 @@ describe("ConversationPanel", () => {
     const message = container.querySelector('[data-slot="conv-message"]')!;
 
     expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent).toContain("Thank you, that clarifies the renewal plan.");
-    expect(screen.queryByText("Show signature/details")).toBeNull();
+    expect(screen.queryByRole("button", { name: "•••" })).toBeNull();
   });
 
   it("keeps command-like double-dash plain-text lines visible", () => {
@@ -317,7 +328,7 @@ describe("ConversationPanel", () => {
 
     expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent).toContain("-- retry failed imports");
     expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent).toContain("-- skip archived records");
-    expect(screen.queryByText("Show signature/details")).toBeNull();
+    expect(screen.queryByRole("button", { name: "•••" })).toBeNull();
   });
 
   it("keeps command-like double-dash HTML blocks visible", () => {
@@ -339,7 +350,7 @@ describe("ConversationPanel", () => {
 
     expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent).toContain("-- retry failed imports");
     expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent).toContain("-- skip archived records");
-    expect(screen.queryByText("Show signature/details")).toBeNull();
+    expect(screen.queryByRole("button", { name: "•••" })).toBeNull();
   });
 
   it("collapses standard double-dash signature separator with sender details", () => {
@@ -362,10 +373,10 @@ describe("ConversationPanel", () => {
     expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent).toContain("The import plan looks good.");
     expect(message.querySelector('[data-slot="conv-message-body"]')?.textContent).not.toContain("Priya Raman");
 
-    fireEvent.click(screen.getByText("Show signature/details"));
+    fireEvent.click(screen.getByRole("button", { name: "•••" }));
 
-    expect(message.querySelector('[data-slot="conv-message-details"]')?.textContent).toContain("--");
-    expect(message.querySelector('[data-slot="conv-message-details"]')?.textContent).toContain("Priya Raman");
+    expect(message.querySelector('[data-slot="email-body-details"]')?.textContent).toContain("--");
+    expect(message.querySelector('[data-slot="email-body-details"]')?.textContent).toContain("Priya Raman");
   });
 
   it("does not split raw HTML into invalid partial tags when collapsing details", () => {
@@ -387,14 +398,14 @@ describe("ConversationPanel", () => {
 
     const link = container.querySelector('a[href="https://example.com/report"]');
     expect(link?.textContent).toBe("the full report");
-    expect(container.querySelector('[data-slot="conv-message-details"]')).toBeNull();
+    expect(container.querySelector('[data-slot="email-body-details"]')).toBeNull();
 
     const message = container.querySelector('[data-slot="conv-message"]')!;
     expect(message.querySelector('[data-slot="conv-message-body"]')?.innerHTML).toContain("<strong>the full report</strong>");
     expect(message.querySelector('[data-slot="conv-message-body"]')?.innerHTML).not.toContain("</a></strong>");
 
-    fireEvent.click(screen.getByText("Show signature/details"));
-    expect(container.querySelector('[data-slot="conv-message-details"]')?.textContent).toContain("Priya Raman");
+    fireEvent.click(screen.getByRole("button", { name: "•••" }));
+    expect(container.querySelector('[data-slot="email-body-details"]')?.textContent).toContain("Priya Raman");
     expect(container.querySelector('[data-slot="conv-message"]')?.querySelectorAll("p").length).toBeGreaterThanOrEqual(4);
   });
 
@@ -419,9 +430,9 @@ describe("ConversationPanel", () => {
 
     render(<ConversationPanel threads={[quotedThread]} me={me} />);
 
-    fireEvent.click(screen.getByText("Show signature/details"));
+    fireEvent.click(screen.getByTitle("Show historical details"));
 
-    expect(document.querySelector('[data-slot="conv-message-details"]')?.textContent).toContain("Priya Raman");
+    expect(document.querySelector('[data-slot="email-body-details"]')?.textContent).toContain("Priya Raman");
     expect(screen.queryByText("Prior hidden message")).toBeNull();
 
     fireEvent.click(screen.getByTitle("Show quoted text"));
@@ -678,4 +689,153 @@ describe("ConversationPanel", () => {
     expect(screen.getByText("Local draft preview")).toBeDefined();
     expect(screen.getByText(/Local draft preview only/i)).toBeDefined();
   });
+
+
+  it("renders thread messages ascending by raw chronological timestamp even when input is out of order", () => {
+    const outOfOrder = thread({
+      messages: [
+        {
+          id: "newer-inbound",
+          direction: "inbound",
+          from: priya,
+          to: me,
+          date: "10:00 AM",
+          receivedAt: "2026-06-08T10:00:00.000Z",
+          body: "Second chronological reply",
+        },
+        {
+          id: "older-outbound",
+          direction: "outbound",
+          from: me,
+          to: priya,
+          date: "9:00 AM",
+          sentAt: "2026-06-08T09:00:00.000Z",
+          body: "First chronological outbound",
+        },
+        {
+          id: "newest-inbound-fallback",
+          direction: "inbound",
+          from: priya,
+          to: me,
+          date: "11:00 AM",
+          internalDate: "1780916400000",
+          body: "Third chronological Gmail fallback",
+        },
+      ],
+    });
+
+    const { container } = render(<ConversationPanel threads={[outOfOrder]} me={me} />);
+    const rows = Array.from(container.querySelectorAll('[data-slot="conv-message-collapsed"], [data-slot="conv-message"]'));
+
+    expect(rows).toHaveLength(3);
+    expect(rows[0].textContent).toContain("First chronological outbound");
+    expect(rows[1].textContent).toContain("Second chronological reply");
+    expect(rows[2].textContent).toContain("Third chronological Gmail fallback");
+    expect(rows[2].getAttribute("data-slot")).toBe("conv-message");
+    expect(container.textContent).toContain("Priya Raman · Priya: Third chronological Gmail fallback");
+  });
+
+  it("preserves stable input order when raw timestamps are invalid or missing", () => {
+    const invalidTimestampThread = thread({
+      messages: [
+        {
+          id: "display-newer-but-invalid",
+          direction: "inbound",
+          from: priya,
+          to: me,
+          date: "2099-01-01T00:00:00.000Z",
+          receivedAt: "not-a-date",
+          body: "Input order first invalid timestamp",
+        },
+        {
+          id: "missing-raw-timestamp",
+          direction: "outbound",
+          from: me,
+          to: priya,
+          date: "Jan 1",
+          body: "Input order second missing timestamp",
+        },
+        {
+          id: "display-older-but-invalid",
+          direction: "inbound",
+          from: priya,
+          to: me,
+          date: "1999-01-01T00:00:00.000Z",
+          rfc822Date: "definitely invalid",
+          body: "Input order third invalid timestamp",
+        },
+      ],
+    });
+
+    const { container } = render(<ConversationPanel threads={[invalidTimestampThread]} me={me} />);
+    const rows = Array.from(container.querySelectorAll('[data-slot="conv-message-collapsed"], [data-slot="conv-message"]'));
+
+    expect(rows).toHaveLength(3);
+    expect(rows[0].textContent).toContain("Input order first invalid timestamp");
+    expect(rows[1].textContent).toContain("Input order second missing timestamp");
+    expect(rows[2].textContent).toContain("Input order third invalid timestamp");
+    expect(rows[2].getAttribute("data-slot")).toBe("conv-message");
+  });
+
+  it("uses shared rendering for decoded snippets, full body/signature, one quote expander, and outbound identity", () => {
+    const owner: ConvParticipant = { name: "Dana Viewer", email: "viewer@handled.ai" };
+    const actualSender: ConvParticipant = { name: "Alex &amp; Sender", email: "alex.sender@example.com" };
+    const customer: ConvParticipant = { name: "Jane &amp; Team", email: "jane@example.com" };
+    const richThread = thread({
+      contact: customer,
+      messages: [
+        {
+          id: "m1",
+          direction: "outbound",
+          from: actualSender,
+          to: customer,
+          date: "Jun 8",
+          bodyHtml:
+            "<p>Hello Jane &amp; team — it&#39;s ready.</p><p>Thanks,</p><p>Alex Sender</p><p>Handled<sup>AI</sup></p>",
+          quoted: {
+            attr: "On Monday, Jane &amp; Team wrote:",
+            html: '<blockquote class="gmail_quote"><p>Prior &amp; decoded history</p></blockquote>',
+          },
+        },
+        {
+          id: "m2",
+          direction: "inbound",
+          from: customer,
+          to: actualSender,
+          date: "Today",
+          body: "Looks good &amp; approved.\n\n--\nJane Team\nCEO\njane@example.com",
+        },
+      ],
+    });
+
+    const { container } = render(<ConversationPanel threads={[richThread]} me={owner} />);
+
+    expect(container.textContent).toContain("Jane & Team · Jane: Looks good & approved.");
+    expectNoVisibleEscapeArtifacts(container.textContent ?? "");
+
+    fireEvent.click(container.querySelector('[data-slot="conv-message"] > button')!);
+    const collapsedRows = Array.from(container.querySelectorAll('[data-slot="conv-message-collapsed"]'));
+    const outboundRow = collapsedRows.find((row) => row.textContent?.includes("Alex · Hello Jane & team — it's ready."));
+    expect(outboundRow).toBeTruthy();
+    expect(outboundRow?.textContent).not.toContain("Dana Viewer");
+
+    fireEvent.click(outboundRow!);
+    const message = container.querySelector('[data-slot="conv-message"]')!;
+    expect(message.textContent).toContain("Alex & Sender");
+    expect(message.textContent).not.toContain("Dana Viewer");
+    expect(message.textContent).not.toContain("HandledAI");
+    expect(screen.getByTitle("Show historical details")).toBeTruthy();
+    expect(screen.getAllByRole("button", { name: "•••" }).length).toBe(2);
+
+    fireEvent.click(screen.getAllByRole("button", { name: "•••" })[0]);
+    expect(container.querySelector("sup")?.textContent).toBe("AI");
+    expect(message.textContent).toContain("HandledAI");
+    expect(screen.queryByText("Prior & decoded history")).toBeNull();
+
+    fireEvent.click(screen.getByTitle("Show quoted text"));
+    expect(screen.getByText("Prior & decoded history")).toBeTruthy();
+    expect(screen.getAllByRole("button", { name: "•••" }).length).toBe(2);
+    expectNoVisibleEscapeArtifacts(container.textContent ?? "");
+  });
+
 });

package/src/components/__tests__/email-body.test.tsx

@@ -0,0 +1,83 @@
+import React from "react"
+import { cleanup, fireEvent, render, screen } from "@testing-library/react"
+import { afterEach, describe, expect, it } from "vitest"
+
+import { EmailBody } from "../email-body"
+
+function expectNoVisibleEscapeArtifacts(value: string) {
+  expect(value).not.toMatch(/&#(?:x[0-9a-f]+|\d+);?/i)
+  expect(value).not.toContain("&")
+  expect(value).not.toContain("<")
+  expect(value).not.toContain(">")
+  expect(value).not.toContain(""")
+  expect(value).not.toContain("\\n")
+  expect(value).not.toContain('\\"')
+  expect(value).not.toContain("\\'")
+}
+
+afterEach(() => {
+  cleanup()
+})
+
+describe("EmailBody", () => {
+  it("sanitizes HTML at render time while preserving superscript signature fidelity", () => {
+    const { container } = render(
+      <EmailBody
+        variant="preview"
+        html={'<p>Hello &amp; welcome &#39;team&#39;</p><script>alert(1)</script>'}
+        detailsHtml={
+          '<div class="gmail_signature"><table><tbody><tr><td><img src="https://example.com/logo.png" width="100" height="40" alt="Logo"><sup>TM</sup><span style="vertical-align: super; font-size: 9px; position: fixed">1</span><a href="javascript:alert(1)" onclick="alert(1)">bad</a></td></tr></tbody></table></div>'
+        }
+      />,
+    )
+
+    expect(screen.getByText("Hello & welcome 'team'")).toBeTruthy()
+    expect(container.querySelector("script")).toBeNull()
+    expect(container.querySelector("sup")?.textContent).toBe("TM")
+    expect(container.querySelector("img")?.getAttribute("width")).toBe("100")
+    expect(container.querySelector("span")?.getAttribute("style")).toBe("vertical-align: super; font-size: 9px")
+    expect(container.querySelector("a")?.hasAttribute("href")).toBe(false)
+    expect(container.innerHTML).not.toContain("onclick")
+    expectNoVisibleEscapeArtifacts(container.textContent ?? "")
+  })
+
+  it("collapses details with an ellipsis toggle only when collapseDetails is enabled", () => {
+    const { container } = render(
+      <EmailBody
+        html="<p>Main body</p><p>Thanks,</p><p>Jane Doe</p><p>VP Sales</p>"
+        collapseDetails
+      />,
+    )
+
+    expect(screen.getByText("Main body")).toBeTruthy()
+    expect(screen.queryByText("Jane Doe")).toBeNull()
+    expect(screen.getByRole("button", { name: "•••" }).getAttribute("aria-expanded")).toBe("false")
+
+    fireEvent.click(screen.getByRole("button", { name: "•••" }))
+
+    expect(container.querySelector('[data-slot="email-body-details"]')?.textContent).toContain("Jane Doe")
+    expect(container.querySelector('[data-slot="email-body-details"]')?.textContent).toContain("VP Sales")
+    expect(screen.getByRole("button", { name: "•••" }).getAttribute("aria-expanded")).toBe("true")
+  })
+
+  it("shows details by default when collapse is disabled", () => {
+    render(<EmailBody text="Please review." detailsText="Confidentiality Notice: private." collapseDetails={false} />)
+
+    expect(screen.queryByRole("button", { name: "•••" })).toBeNull()
+    expect(screen.getByText("Confidentiality Notice: private.")).toBeTruthy()
+  })
+
+  it("honors defaultDetailsOpen for collapsed history", () => {
+    render(<EmailBody text="Please review.\n\nBest,\nJane Doe\nVP Sales" collapseDetails defaultDetailsOpen />)
+
+    expect(document.querySelector('[data-slot="email-body-details"]')?.textContent).toContain("Jane Doe")
+    expect(screen.getByRole("button", { name: "•••" }).getAttribute("aria-expanded")).toBe("true")
+  })
+
+  it("decodes plain text bodies without visible escape artifacts", () => {
+    const { container } = render(<EmailBody text={'"Line one &amp; two\\nLine &#39;three&#39;"'} />)
+
+    expect(container.textContent).toContain("Line one & two\nLine 'three'")
+    expectNoVisibleEscapeArtifacts(container.textContent ?? "")
+  })
+})