Fix broken emoji with md pattern in shortcode (#1514)

* fix broken emoji with md pattern in shortcode

* fix html regex when generating editor output

diff --git a/src/app/components/editor/output.ts b/src/app/components/editor/output.ts
index fa15bb582da89c5908c472b6f047284e9eaf455c..1fb2d590ae33206b91f346b1b0b93b718fcafa5f 100644 (file)
--- a/src/app/components/editor/output.ts
+++ b/src/app/components/editor/output.ts
@@ -51,21 +51,25 @@ const elementToCustomHtml = (node: CustomElement, children: string): string => {
       return `<ul>${children}</ul>`;
 
     case BlockType.Mention:
-      return `<a href="https://matrix.to/#/${node.id}">${node.name}</a>`;
+      return `<a href="https://matrix.to/#/${encodeURIComponent(node.id)}">${sanitizeText(
+        node.name
+      )}</a>`;
     case BlockType.Emoticon:
       return node.key.startsWith('mxc://')
-        ? `<img data-mx-emoticon src="${node.key}" alt="${node.shortcode}" title="${node.shortcode}" height="32">`
-        : node.key;
+        ? `<img data-mx-emoticon src="${node.key}" alt="${sanitizeText(
+            node.shortcode
+          )}" title="${sanitizeText(node.shortcode)}" height="32" />`
+        : sanitizeText(node.key);
     case BlockType.Link:
-      return `<a href="${node.href}">${node.children}</a>`;
+      return `<a href="${encodeURIComponent(node.href)}">${node.children}</a>`;
     case BlockType.Command:
-      return `/${node.command}`;
+      return `/${sanitizeText(node.command)}`;
     default:
       return children;
   }
 };
 
-const HTML_TAG_REG = /<([a-z]+)(?![^>]*\/>)[^<]*<\/\1>/;
+const HTML_TAG_REG = /<([\w-]+)(?:[^/>]*)(?:(?:\/>)|(?:>.*?<\/\1>))/;
 const ignoreHTMLParseInlineMD = (text: string): string => {
   if (text === '') return text;
   const match = text.match(HTML_TAG_REG);