diff --git a/src/components/compose.jsx b/src/components/compose.jsx
index 77bd451d..545765c8 100644
--- a/src/components/compose.jsx
+++ b/src/components/compose.jsx
@@ -147,23 +147,22 @@ const SCAN_RE = new RegExp(
);
const segmenter = new Intl.Segmenter();
-function highlightText(text, { maxCharacters = Infinity }) {
- // Accept text string, return formatted HTML string
- // Escape all HTML special characters
- let html = text
+function escapeHTML(text) {
+ return text
.replace(/&/g, '&')
.replace(//g, '>')
.replace(/"/g, '"')
.replace(/'/g, ''');
-
+}
+function highlightText(text, { maxCharacters = Infinity }) {
// Exceeded characters limit
const { composerCharacterCount } = states;
if (composerCharacterCount > maxCharacters) {
// Highlight exceeded characters
let withinLimitHTML = '',
exceedLimitHTML = '';
- const htmlSegments = segmenter.segment(html);
+ const htmlSegments = segmenter.segment(text);
for (const { segment, index } of htmlSegments) {
if (index < maxCharacters) {
withinLimitHTML += segment;
@@ -174,13 +173,13 @@ function highlightText(text, { maxCharacters = Infinity }) {
if (exceedLimitHTML) {
exceedLimitHTML =
'' +
- exceedLimitHTML +
+ escapeHTML(exceedLimitHTML) +
'';
}
- return withinLimitHTML + exceedLimitHTML;
+ return escapeHTML(withinLimitHTML) + exceedLimitHTML;
}
- return html
+ return escapeHTML(text)
.replace(urlRegexObj, '$2$3') // URLs
.replace(MENTION_RE, '$1$2') // Mentions
.replace(HASHTAG_RE, '$1$2') // Hashtags