From b9d89ce2f387d8714d202013ccc9353859d16f3c Mon Sep 17 00:00:00 2001
From: jacobhanson1010 <jacob.hanson1010@gmail.com>
Date: Sun, 7 Jul 2024 22:37:33 +0000
Subject: [PATCH] Don't sanitize node.textContent

---
 src/utils.js | 36 ++++--------------------------------
 1 file changed, 4 insertions(+), 32 deletions(-)

diff --git a/src/utils.js b/src/utils.js
index 04723af..d96585f 100644
--- a/src/utils.js
+++ b/src/utils.js
@@ -100,10 +100,10 @@ export function bionify() {
 
       return (
         '<bionify class="bionify-highlight">' +
-        word.slice(0, numBold) +
+        escapeHtml(word.slice(0, numBold)) +
         "</bionify>" +
         '<bionify class="bionify-rest">' +
-        word.slice(numBold) +
+        escapeHtml(word.slice(numBold)) +
         "</bionify>"
       );
     }
@@ -122,42 +122,14 @@ export function bionify() {
     var entityMap = {
       "&": "&amp;",
       "<": "&lt;",
-      ">": "&gt;",
-      '"': "&quot;",
-      "'": "&#39;",
-      "/": "&#x2F;",
-      "`": "&#x60;",
-      "=": "&#x3D;",
     };
 
     function escapeHtml(string) {
-      return String(string).replace(/[&<>"'`=\/]/g, function (s) {
+      return String(string).replace(/[&<]/g, function (s) {
         return entityMap[s];
       });
     }
 
-    function htmlUnescape(str) {
-      return str
-        .replace(/&amp;/g, "&")
-        .replace(/&quot;/g, '"')
-        .replace(/&#39;/g, "'")
-        .replace(/&lt;/g, "<")
-        .replace(/&gt;/g, ">")
-        .replace(/&#x2F/g, "/")
-        .replace(/&#x3D;/g, "=")
-        .replace(/&#x60;/g, "`");
-    }
-
-    function sanitize(unsafe_str) {
-      return unsafe_str
-        .replace(/&/g, "&amp;")
-        .replace(/</g, "&lt;")
-        .replace(/>/g, "&gt;")
-        .replace(/\"/g, "&quot;");
-      // .replace(/\'/g, "&#39;");
-      // .replace(/\//g, "&#x2F;");
-    }
-
     function bionifyifyNode(node) {
       if (
         node.tagName === "SCRIPT" ||
@@ -168,7 +140,7 @@ export function bionify() {
       if (node.childNodes == undefined || node.childNodes.length == 0) {
         if (node.textContent != undefined && node.tagName == undefined) {
           var newNode = document.createElement("bionify");
-          newNode.innerHTML = bionifyifyText(sanitize(node.textContent));
+          newNode.innerHTML = bionifyifyText(node.textContent);
           if (node.textContent.length > 20) {
             node.replaceWith(newNode);
           }