From 64bf39da29256832841021235d64165da49f5cad Mon Sep 17 00:00:00 2001
From: shibao <shibao@bubbletea.dev>
Date: Sat, 15 Feb 2025 02:44:49 +0000
Subject: [PATCH] fix content not escaping html properly

---
 changelog.md                                | 1 +
 lib/memex_web/components/core_components.ex | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/changelog.md b/changelog.md
index d39bdfe..2c9486f 100644
--- a/changelog.md
+++ b/changelog.md
@@ -1,5 +1,6 @@
 # v0.1.18
 - Update deps
+- Fix content not escaping HTML properly
 
 # v0.1.17
 - Fix new invite button not working
diff --git a/lib/memex_web/components/core_components.ex b/lib/memex_web/components/core_components.ex
index 0f03903..27a52e6 100644
--- a/lib/memex_web/components/core_components.ex
+++ b/lib/memex_web/components/core_components.ex
@@ -139,6 +139,8 @@ defmodule MemexWeb.CoreComponents do
   defp display_links(record) do
     record
     |> get_content()
+    |> Phoenix.HTML.html_escape()
+    |> Phoenix.HTML.safe_to_string()
     |> replace_hyperlinks(record)
     |> replace_triple_links(record)
     |> replace_double_links(record)