GeneralBots/generalbots
1
0
Fork 0
Code Activity Actions 5

Fix: Escapar HTML para exibir como texto

Browse source 
- Remove lógica hasHtmlTags que injetava HTML cru
- Sempre usa escapeHtml para exibir conteúdo como texto
- Corrige problema de tags HTML aparecendo na página
This commit is contained in:
Rodrigo Rodriguez 2026-05-01 08:38:41 -03:00
parent 73e0121d0b
commit d9e66e957c
1 changed files with 7 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
botui/ui/suite/chat/chat-messages.js
View file

@ -57,20 +57,18 @@ if (msgId) div.id = msgId;
if (sender === "user") {
var processedContent = renderMentionInMessage(escapeHtml(content));
div.innerHTML = '<div class="message-content user-message">' + processedContent + "</div>";
} else {
var cleanContent = stripMarkdownBlocks(content);
} else {
var cleanContent = stripMarkdownBlocks(content);
var hasHtmlTags = /<\/?[a-zA-Z][^>]*>|<!--|-->/i.test(cleanContent);
var parsed;
if (msgId) {
parsed = '<div class="streaming-loading"><span class="loading-dots">...</span></div>';
} else if (hasHtmlTags) {
parsed = cleanContent; // Don't escape HTML tags
parsed = '<div class="streaming-loading"><span class="loading-dots">...</span></div>';
} else {
parsed = typeof marked !== "undefined" && marked.parse
? marked.parse(cleanContent)
: escapeHtml(cleanContent);
parsed = escapeHtml(cleanContent);
}
parsed = renderMentionInMessage(parsed);
div.innerHTML = '<div class="message-content bot-message">' + parsed + "</div>";
}
}
messages.appendChild(div);