diff --git a/js/privatebin.js b/js/privatebin.js
index d4f0cc4f..546de457 100644
--- a/js/privatebin.js
+++ b/js/privatebin.js
@@ -2529,20 +2529,24 @@ jQuery.PrivateBin = (function($, RawDeflate) {
return;
}
- const processedText = Helper.preformatTextForDomPurify(text, format);
+ let processedText = Helper.preformatTextForDomPurify(text, format);
- // escape HTML entities, link URLs, sanitize
- const escapedLinkedText = Helper.urls2links(processedText),
- sanitizedLinkedText = DOMPurify.sanitize(
- escapedLinkedText, {
- ALLOWED_TAGS: ['a'],
- ALLOWED_ATTR: ['href', 'rel']
- }
- );
- $plainText.html(sanitizedLinkedText);
- $prettyPrint.html(sanitizedLinkedText);
+ // link URLs
+ processedText = Helper.urls2links(processedText);
switch (format) {
+ case 'syntaxhighlighting':
+ // yes, this is really needed to initialize the environment
+ if (typeof prettyPrint === 'function')
+ {
+ prettyPrint();
+ }
+
+ $prettyPrint.html(
+ DOMPurify.sanitize(
+ prettyPrintOne(processedText, null, true)
+ )
+ );
case 'markdown':
const converter = new showdown.Converter({
strikethrough: true,
@@ -2554,29 +2558,27 @@ jQuery.PrivateBin = (function($, RawDeflate) {
// let showdown convert the HTML and sanitize HTML *afterwards*!
$plainText.html(
DOMPurify.sanitize(
+ // use original text, because showdown handles autolinking on it's own
converter.makeHtml(text)
)
);
// add table classes from bootstrap css
$plainText.find('table').addClass('table-condensed table-bordered');
break;
- case 'syntaxhighlighting':
- // yes, this is really needed to initialize the environment
- if (typeof prettyPrint === 'function')
- {
- prettyPrint();
- }
-
- $prettyPrint.html(
- DOMPurify.sanitize(
- prettyPrintOne(escapedLinkedText, null, true)
- )
- );
- // fall through, as the rest is the same
default: // = 'plaintext'
- $prettyPrint.css('white-space', 'pre-wrap');
- $prettyPrint.css('word-break', 'normal');
- $prettyPrint.removeClass('prettyprint');
+ $prettyPrint.html(DOMPurify.sanitize(
+ processedText, {
+ ALLOWED_TAGS: ['a'],
+ ALLOWED_ATTR: ['href', 'rel']
+ }
+ ));
+ }
+
+ // set block style for non-Markdown formatting
+ if (format !== 'markdown') {
+ $prettyPrint.css('white-space', 'pre-wrap');
+ $prettyPrint.css('word-break', 'normal');
+ $prettyPrint.removeClass('prettyprint');
}
}
diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php
index c778f19e..6b0fc135 100644
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@@ -72,7 +72,7 @@ endif;
?>
-
+
diff --git a/tpl/page.php b/tpl/page.php
index ef93eb1a..087ded09 100644
--- a/tpl/page.php
+++ b/tpl/page.php
@@ -50,7 +50,7 @@ endif;
?>
-
+