import { marked } from "marked"; import sanitizeHtml from "sanitize-html"; const ALLOWED_TAGS = [ "p", "br", "h1", "h2", "h3", "h4", "h5", "h6", "ul", "ol", "li", "blockquote", "pre", "code", "strong", "em", "del", "s", "a", "hr", "table", "thead", "tbody", "tr", "th", "td", "img", ]; const ALLOWED_ATTRIBUTES: sanitizeHtml.IOptions["allowedAttributes"] = { a: ["href", "title"], img: ["src", "alt", "title"], code: ["class"], td: ["align"], th: ["align"], }; export function renderMarkdown(content: string): string { const raw = marked.parse(content, { async: false }) as string; return sanitizeHtml(raw, { allowedTags: ALLOWED_TAGS, allowedAttributes: ALLOWED_ATTRIBUTES, allowedSchemes: ["http", "https", "mailto"], allowedSchemesByTag: { img: ["http", "https"] }, }); }