api: sanitize raw markdown content (#5907)

Fixed a security issue reported by bluebird.
author: ᴜɴᴋɴᴡᴏɴ <u@gogs.io> 2020-01-27 00:18:46 +0800
committer: GitHub <noreply@github.com> 2020-01-27 00:18:46 +0800
commit: 5e6c3b9d0e9a06764079bc07c0419b1ebf9183eb (patch)
tree: b745ef368b6efdc34c508232f1ad785ae3fb8ce1 /internal/markup/markdown.go
parent: 0a461b829af1ff54994287505012bd07fbf3bf44 (diff)
1 files changed, 1 insertions, 2 deletions
diff --git a/internal/markup/markdown.go b/internal/markup/markdown.go
index db581a71..a5380028 100644
--- a/internal/markup/markdown.go
+++ b/internal/markup/markdown.go
@@ -157,8 +157,7 @@ func RawMarkdown(body []byte, urlPrefix string) []byte {
 		extensions |= blackfriday.EXTENSION_HARD_LINE_BREAK
 	}
 
-	body = blackfriday.Markdown(body, renderer, extensions)
-	return body
+	return blackfriday.Markdown(body, renderer, extensions)
 }
 
 // Markdown takes a string or []byte and renders to HTML in Markdown syntax with special links.
author	ᴜɴᴋɴᴡᴏɴ <u@gogs.io>	2020-01-27 00:18:46 +0800
committer	GitHub <noreply@github.com>	2020-01-27 00:18:46 +0800
commit	5e6c3b9d0e9a06764079bc07c0419b1ebf9183eb (patch)
tree	b745ef368b6efdc34c508232f1ad785ae3fb8ce1 /internal/markup/markdown.go
parent	0a461b829af1ff54994287505012bd07fbf3bf44 (diff)