packages/markdown/remark/src/rehype-escape.ts


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

import { SKIP, visit } from 'unist-util-visit';

export function escapeEntities(value: string): string {
	return value.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
}

export default function rehypeEscape(): any {
	return function (node: any): any {
		return visit(node, 'element', (el) => {
			if (el.tagName === 'code' || el.tagName === 'pre') {
				el.properties['is:raw'] = true;
				// Visit all raw children and escape HTML tags to prevent Markdown code
				// like "This is a `<script>` tag" from actually opening a script tag
				visit(el, 'raw', (raw) => {
					raw.value = escapeEntities(raw.value);
				});
				// Do not visit children to prevent double escaping
				return SKIP;
			}
		});
	};
}