From 0f9733c890077942150696dcc6d2b1482b7a0a19 Mon Sep 17 00:00:00 2001
From: lealife <lifephp@gmail.com>
Date: Sat, 27 Mar 2021 16:12:46 +0800
Subject: [PATCH] fix note history xss

---
 public/js/plugins/history.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/public/js/plugins/history.js b/public/js/plugins/history.js
index 68cc3d2..8a37ef4 100644
--- a/public/js/plugins/history.js
+++ b/public/js/plugins/history.js
@@ -49,6 +49,7 @@ define('history', [], function() {
             if (this.note.IsMarkdown) {
                 wrap = '<pre>';
                 wrapEnd = '</pre>';
+                content = trimTitle(content) // for xss
             }
             $historyContent.html(wrap + content + wrapEnd);