[bugfix] html escape special characters in text instead of totally removing them (#719)

* remove minify dependency * tidy up some tests * remove pre + postformat funcs * rework sanitization + formatting * update tests * add some more markdown tests
2025-10-29 17:42:25 -05:00 · 2022-07-19 15:21:17 +02:00 · 2022-07-19 15:21:17 +02:00 · c84384e660
commit c84384e660
parent 098dbe6ff4
51 changed files with 129 additions and 7419 deletions
--- a/internal/text/sanitize.go
+++ b/internal/text/sanitize.go
@ -19,7 +19,9 @@
 package text

 import (
+	"html"
 	"regexp"
+	"strings"

 	"github.com/microcosm-cc/bluemonday"
 )
@ -59,7 +61,8 @@ func SanitizeHTML(in string) string {
 // SanitizePlaintext runs text through basic sanitization. This removes
 // any html elements that were in the string, and returns clean plaintext.
 func SanitizePlaintext(in string) string {
-	content := preformat(in)
+	content := html.UnescapeString(in)
 	content = removeHTML(content)
-	return postformat(content)
+	content = html.UnescapeString(content)
+	return strings.TrimSpace(content)
 }