go-gitea
diff --git a/‎modules/markup/sanitizer_default.go
Lines changed: 4 additions & 3 deletions b/‎modules/markup/sanitizer_default.go
Lines changed: 4 additions & 3 deletions
diff --git a/‎modules/markup/sanitizer_default_test.go
Lines changed: 1 addition & 1 deletion b/‎modules/markup/sanitizer_default_test.go
Lines changed: 1 addition & 1 deletion
diff --git a/‎modules/templates/helper.go
Lines changed: 2 additions & 2 deletions b/‎modules/templates/helper.go
Lines changed: 2 additions & 2 deletions
@@ -4,6 +4,7 @@
 package markup
 
 import (
+	"html/template"
 	"io"
 	"net/url"
 	"regexp"
@@ -92,9 +93,9 @@ func (st *Sanitizer) createDefaultPolicy() *bluemonday.Policy {
 	return policy
 }
 
-// Sanitize takes a string that contains a HTML fragment or document and applies policy whitelist.
-func Sanitize(s string) string {
-	return GetDefaultSanitizer().defaultPolicy.Sanitize(s)
+// Sanitize use default sanitizer policy to sanitize a string
+func Sanitize(s string) template.HTML {
+	return template.HTML(GetDefaultSanitizer().defaultPolicy.Sanitize(s))
 }
 
 // SanitizeReader sanitizes a Reader
 
@@ -69,6 +69,6 @@ func TestSanitizer(t *testing.T) {
 	}
 
 	for i := 0; i < len(testCases); i += 2 {
-		assert.Equal(t, testCases[i+1], Sanitize(testCases[i]))
+		assert.Equal(t, testCases[i+1], string(Sanitize(testCases[i])))
 	}
 }
@@ -176,9 +176,9 @@ func safeHTML(s any) template.HTML {
 	panic(fmt.Sprintf("unexpected type %T", s))
 }
 
-// SanitizeHTML sanitizes the input by pre-defined markdown rules
+// SanitizeHTML sanitizes the input by default sanitization rules.
 func SanitizeHTML(s string) template.HTML {
-	return template.HTML(markup.Sanitize(s))
+	return markup.Sanitize(s)
 }
 
 func htmlEscape(s any) template.HTML {
Original file line number	Diff line number	Diff line change
`@@ -69,6 +69,6 @@ func TestSanitizer(t *testing.T) {`
`69`	`69`	`}`
`70`	`70`
`71`	`71`	`for i := 0; i < len(testCases); i += 2 {`
`72`		`- assert.Equal(t, testCases[i+1], Sanitize(testCases[i]))`
	`72`	`+ assert.Equal(t, testCases[i+1], string(Sanitize(testCases[i])))`
`73`	`73`	`}`
`74`	`74`	`}`
Original file line number	Diff line number	Diff line change
`@@ -176,9 +176,9 @@ func safeHTML(s any) template.HTML {`
`176`	`176`	`panic(fmt.Sprintf("unexpected type %T", s))`
`177`	`177`	`}`
`178`	`178`
`179`		`-// SanitizeHTML sanitizes the input by pre-defined markdown rules`
	`179`	`+// SanitizeHTML sanitizes the input by default sanitization rules.`
`180`	`180`	`func SanitizeHTML(s string) template.HTML {`
`181`		`- return template.HTML(markup.Sanitize(s))`
	`181`	`+ return markup.Sanitize(s)`
`182`	`182`	`}`
`183`	`183`
`184`	`184`	`func htmlEscape(s any) template.HTML {`