fix(ui): escape raw HTML in chat messages instead of rendering it (#13952)

Co-authored-by: 0xRaini <0xRaini@users.noreply.github.com>
2026-02-15 22:59:29 +00:00 · 2026-02-12 07:40:40 +08:00
parent 729181bd06
commit bebba124e8
1 changed files with 10 additions and 1 deletions
--- a/ui/src/ui/markdown.ts
+++ b/ui/src/ui/markdown.ts
@@ -112,7 +112,9 @@ export function toSanitizedMarkdownHtml(markdown: string): string {
    }
    return sanitized;
  }
-  const rendered = marked.parse(`${truncated.text}${suffix}`) as string;
+  const rendered = marked.parse(`${truncated.text}${suffix}`, {
+    renderer: htmlEscapeRenderer,
+  }) as string;
  const sanitized = DOMPurify.sanitize(rendered, {
    ALLOWED_TAGS: allowedTags,
    ALLOWED_ATTR: allowedAttrs,
@@ -123,6 +125,13 @@ export function toSanitizedMarkdownHtml(markdown: string): string {
  return sanitized;
 }

+// Prevent raw HTML in chat messages from being rendered as formatted HTML.
+// Display it as escaped text so users see the literal markup.
+// Security is handled by DOMPurify, but rendering pasted HTML (e.g. error
+// pages) as formatted output is confusing UX (#13937).
+const htmlEscapeRenderer = new marked.Renderer();
+htmlEscapeRenderer.html = ({ text }: { text: string }) => escapeHtml(text);
+
 function escapeHtml(value: string): string {
  return value
    .replace(/&/g, "&amp;")