@plx plx commented Nov 2, 2025

This change ensures that markdown syntax in titles (like *italic* and **bold**)
is properly rendered as HTML when displayed on pages, while being stripped for
meta tags, browser titles, and Open Graph images.

Changes:
- Add stripMarkdown() function to remove markdown syntax for plain text contexts
- Update page templates to render markdown in displayed titles using renderInlineMarkdown()
- Strip markdown from titles in meta tags, Open Graph data, and browser title
- Improve semantic HTML by using <h1> instead of <div> for page titles

Fixes issue where asterisks and other markdown syntax appeared literally in
article titles instead of being rendered as formatted text.

github-actions bot commented Nov 2, 2025

PR Validation ✅

All checks passed! Ready for review.

Checks Performed:

✓ Linting
✓ Spell check (source)
✓ Type checking & Build
✓ Spell check (HTML)
✓ Internal link validation
✓ Artifact upload

This is a complete dry-run of the deployment process, ensuring your changes will deploy successfully when merged.

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

<div class="animate text-2xl font-semibold text-black dark:text-white">
{post.data.title}
</div>
<h1 class="animate text-2xl font-semibold text-black dark:text-white" set:html={renderedTitle}></h1>
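
Review bot: on the new `<h1>` line, `set:html={renderedTitle}` gives up the automatic escaping that the removed `{post.data.title}` interpolation had, so the code that builds `renderedTitle` has to HTML-escape the raw title before it wraps markdown spans in tags. Escaping after rendering would also escape the generated tags, so the order matters. Suggest doing the escape inside the renderer and adding a test with a title that contains `<` and `&`.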

P1: Escape title text before using set:html

The updated title rendering binds renderedTitle directly into set:html, but renderInlineMarkdown purposely leaves any text outside of markdown markers unescaped. If a post title contains literal < characters or HTML (from frontmatter or a CMS), the HTML will now be injected into the page and can execute scripts, whereas the previous {post.data.title} rendering was safely escaped. This creates an XSS vector for untrusted or malformed titles. The same pattern appears in the briefs and projects templates; the HTML output should be sanitized or escaped before using set:html.

Useful? React with 👍 / 👎.
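
Added example, not code from this pull request or from the Codex comment: an escape-first inline renderer next to the unescaped behaviour the review describes, plus a plain-text strip for meta values. All function names, the supported syntax (`code`, **bold**, *italic*) and the sample title are assumptions made for illustration.

```javascript
// Added example: hypothetical helpers, not the code from this pull request.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Inline syntax assumed for titles: `code`, **bold**, *italic*.
// One alternation, scanned left to right, so text inside a code span is not
// re-parsed as emphasis.
const INLINE = /`([^`]+)`|\*\*([^*]+)\*\*|\*([^*]+)\*/g;

function wrapSpans(text) {
  return text.replace(INLINE, (match, code, bold, italic) => {
    if (code !== undefined) return `<code>${code}</code>`;
    if (bold !== undefined) return `<strong>${bold}</strong>`;
    return `<em>${italic}</em>`;
  });
}

// The behaviour the review describes: tags are added, but text outside the
// markers passes through unescaped. Shown only for comparison.
function renderInlineUnescaped(title) {
  return wrapSpans(String(title));
}

// Escape first, then add tags: every "<" in the result was written by
// wrapSpans, so the string can be bound with set:html.
function renderInlineEscaped(title) {
  return wrapSpans(escapeHtml(title));
}

// Plain-text form for <title>, meta and Open Graph values. It is NOT
// HTML-escaped; emit it through normal {expression} interpolation.
function stripInlineMarkdown(title) {
  return String(title).replace(INLINE, (match, code, bold, italic) => code ?? bold ?? italic);
}

// Constructed sample title.
const sample = "Using Array<T> & *friends* <script>x</script>";
console.log(renderInlineUnescaped(sample));
console.log(renderInlineEscaped(sample));
console.log(stripInlineMarkdown(sample));
```
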

@plx plx merged commit e7a760c into main Nov 2, 2025
2 checks passed
plx added a commit that referenced this pull request Nov 2, 2025
plx added a commit that referenced this pull request Dec 25, 2025
* Content and style updates. (#15)

* Switched from hardcoded ports to using trop.

* Updated `trop` article.

* Ensure list items use article serif font (#13)

* Further article adjustments. (#14)

* Content updates

* Dictionary additions.

* Fix HTML spellcheck failures (#16)

- Fixed typos in generic-testing blog post:
  - 'exapmle' → 'example' (3 instances)
  - 'actuall' → 'actually' (1 instance)
  - 'Algrebra' → 'Algebra' (1 instance)

- Added technical terms to cspell dictionary:
  - microbenchmarks
  - Xcodes
  - metatype/metatypes

All HTML spellcheck tests now pass.

Co-authored-by: Claude <noreply@anthropic.com>

* Fix markdown rendering in article titles (#17)

This change ensures that markdown syntax in titles (like *italic* and **bold**)
is properly rendered as HTML when displayed on pages, while being stripped for
meta tags, browser titles, and Open Graph images.

Changes:
- Add stripMarkdown() function to remove markdown syntax for plain text contexts
- Update page templates to render markdown in displayed titles using renderInlineMarkdown()
- Strip markdown from titles in meta tags, Open Graph data, and browser title
- Improve semantic HTML by using <h1> instead of <div> for page titles

Fixes issue where asterisks and other markdown syntax appeared literally in
article titles instead of being rendered as formatted text.

Co-authored-by: Claude <noreply@anthropic.com>

* The new learn-spelling command.

* Justfile cleanup.

* Spelling inconsistency fix.

* Add Claude Code GitHub Workflow (#20)

* "Claude PR Assistant workflow"

* "Claude Code Review workflow"

* Updating gitignore for pending feature.

* Fix ESLint quote style in learn-spelling.js

Change single quotes to double quotes to comply with project ESLint config.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* Add Claude Code hook for auto-linting on file changes

Configures a PostToolUse hook that runs after Write/Edit operations:
- ESLint fix for js/jsx/ts/tsx/astro files
- Spellcheck for md/mdx files

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

---------

Co-authored-by: Claude <noreply@anthropic.com>