diff --git a/js/privatebin.js b/js/privatebin.js
index be66043..57eb273 100644
--- a/js/privatebin.js
+++ b/js/privatebin.js
@@ -2894,7 +2894,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
 for (var i = 0; i < $head.length; i++) {
 newDoc.write($head[i].outerHTML);
 }
- newDoc.write('
' + DOMPurify.sanitize(paste) + '
');
+ newDoc.write('
' + DOMPurify.sanitize($('
').text(paste).html()) + '
');
 newDoc.close();
 }
diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php
index 10a1b61..272c4cb 100644
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@@ -75,7 +75,7 @@ if ($MARKDOWN): endif; ?> - +
diff --git a/tpl/page.php b/tpl/page.php
index ea09be0..ac54ea0 100644
--- a/tpl/page.php
+++ b/tpl/page.php
@@ -53,7 +53,7 @@ if ($MARKDOWN): endif; ?> - +
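Review bot: In the js/privatebin.js hunk, the new `newDoc.write(...)` line relies on the jQuery `.text(paste).html()` round-trip to escape the paste, but nothing on the line says so or states its limits. That round-trip encodes `&`, `<` and `>` but not quote characters, so it is only safe while the result lands in element content, as it does here. A comment such as `// escape paste as plain text (element content only, quotes are not encoded); DOMPurify stays as a second layer` would keep the idiom from being copied into an attribute context. A regression test asserting that a paste containing markup is shown literally in the raw-text view would pin the fix; none is visible in this diff. The enclosing function starts outside the hunk, and the element literal passed to `$()` did not survive on this page, so the exact wrapper element could not be checked.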