Add safeHTML function on user input text/html

Author: jhauraw

layouts/partials/alert.html

@@ -15,6 +15,6 @@
 {{- $textColor100 := index (dict "default" "text-raven-100" "info" "text-blue-100" "warn" "text-orange-100" "alert" "text-red-100") $type -}}
 {{- $textColor700 := index (dict "default" "text-raven-700" "info" "text-blue-700" "warn" "text-orange-700" "alert" "text-red-700") $type -}}
 <div class="flex items-center justify-center font-content-sans rounded {{ $bgColor100 }} px-4 py-4" role="alert">
-  <span class="text-xs font-bold uppercase leading-none rounded-full {{ $textColor100 }} {{ $bgColor500 }} px-2 py-1 mr-3">{{ $badge }}</span>
-  <span class="font-semibold {{ $textColor700 }}">{{ .message | markdownify }}</span>
+  <span class="text-xs font-bold uppercase leading-none rounded-full {{ $textColor100 }} {{ $bgColor500 }} px-2 py-1 mr-3">{{ $badge | safeHTML }}</span>
+  <span class="font-semibold {{ $textColor700 }}">{{ .message | markdownify | safeHTML }}</span>
 </div>

layouts/partials/button.html

@@ -28,13 +28,13 @@
   {{- with $svg }}
   {{ . | safeHTML }}
   {{- end }}
-  <span>{{ $text }}</span>
+  <span>{{ $text | safeHTML }}</span>
 </a>
 {{- else }}
 <button class="{{ $class }}" role="button">
   {{- with $svg }}
   {{ . | safeHTML }}
   {{- end }}
-  <span>{{ $text }}</span>
+  <span>{{ $text | safeHTML }}</span>
 </button>
 {{- end }}

layouts/partials/figure.html

@@ -46,13 +46,13 @@
 {{- if or (or (.title) (.caption)) (.attr) }}
 <figcaption class="{{ $captionClass }}">
 {{- with (.title) }}
-<h4>{{ . }}</h4>
+<h4>{{ . | safeHTML }}</h4>
 {{- end }}
 {{- if or (.caption) (.attr) }}
-<p>{{- .caption | markdownify -}}
+<p>{{- .caption | markdownify | safeHTML -}}
 {{ if .attr }} {{ end }}{{/* yup, just a space */}}
 {{- with .attrlink }}<a href="{{ . }}">{{- end -}}
-{{ .attr | markdownify }}
+{{ .attr | markdownify | safeHTML }}
 {{- if .attrlink }}</a>{{- end -}}
 </p>
 {{- end }}