```

csfwff · csfwff · commit 8abffb4dcd35 · 2025-12-24T18:36:52.000+08:00
feat(util): 添加Markdown格式字符清理功能

- 在Markdowns.clean方法中集成格式字符清理
- 创建MdSanitizer工具类处理格式字符移除
- 使用正则表达式识别并移除Unicode格式字符
- 防止格式字符在HTML输出中造成安全问题
```
diff --git a/src/main/java/org/b3log/symphony/util/Markdowns.java b/src/main/java/org/b3log/symphony/util/Markdowns.java
@@ -156,6 +156,7 @@ private Markdowns() {
      * @return safe HTML content
      */
     public static String clean(String content, final String baseURI) {
+        content = MdSanitizer.stripFormatChars(content);
         final Whitelist whitelist = Whitelist.relaxed().addAttributes(":all", "id", "target", "data-src", "aria-name", "aria-label");
         inputWhitelist(whitelist);
         final Document.OutputSettings outputSettings = new Document.OutputSettings();
diff --git a/src/main/java/org/b3log/symphony/util/MdSanitizer.java b/src/main/java/org/b3log/symphony/util/MdSanitizer.java
@@ -0,0 +1,12 @@
+package org.b3log.symphony.util;
+
+import java.util.regex.Pattern;
+
+public final class MdSanitizer {
+    private static final Pattern CF = Pattern.compile("\\p{Cf}+");
+
+    public static String stripFormatChars(String s) {
+        if (s == null) return null;
+        return CF.matcher(s).replaceAll("");
+    }
+}
