diff --git a/extensions/markdown-language-features/src/features/previewContentProvider.ts b/extensions/markdown-language-features/src/features/previewContentProvider.ts
index 82e3422937cb4be5f0a962ce8eac6cb0e5e8c44b..ced0a148f279f1a1e93a716ab98d511999a9e214 100644
--- a/extensions/markdown-language-features/src/features/previewContentProvider.ts
+++ b/extensions/markdown-language-features/src/features/previewContentProvider.ts
@@ -35,6 +35,10 @@ const previewStrings = {
'Content Disabled Security Warning')
};
+function escapeAttribute(value: string): string {
+ return value.replace(/"/g, '"');
+}
+
export class MarkdownContentProvider {
constructor(
private readonly engine: MarkdownEngine,
@@ -75,9 +79,9 @@ export class MarkdownContentProvider {
${csp}
+ data-settings="${escapeAttribute(JSON.stringify(initialData))}"
+ data-strings="${escapeAttribute(JSON.stringify(previewStrings))}"
+ data-state="${escapeAttribute(JSON.stringify(state || {}))}">
${this.getStyles(sourceUri, nonce, config, state)}
@@ -142,7 +146,7 @@ export class MarkdownContentProvider {
private computeCustomStyleSheetIncludes(resource: vscode.Uri, config: MarkdownPreviewConfiguration): string {
if (Array.isArray(config.styles)) {
return config.styles.map(style => {
- return ``;
+ return ``;
}).join('\n');
}
return '';
@@ -175,7 +179,7 @@ export class MarkdownContentProvider {
private getStyles(resource: vscode.Uri, nonce: string, config: MarkdownPreviewConfiguration, state?: any): string {
const baseStyles = this.contributionProvider.contributions.previewStyles
- .map(resource => ``)
+ .map(resource => ``)
.join('\n');
return `${baseStyles}
@@ -186,7 +190,7 @@ export class MarkdownContentProvider {
private getScripts(nonce: string): string {
return this.contributionProvider.contributions.previewScripts
- .map(resource => ``)
+ .map(resource => ``)
.join('\n');
}