Fix chat sanitizer replace with plaintext logic

mjbvz · mjbvz · commit 3a49a298f119 · 2025-07-30T09:19:29.000-07:00
diff --git a/src/vs/base/browser/markdownRenderer.ts b/src/vs/base/browser/markdownRenderer.ts
@@ -546,15 +546,19 @@ function getSanitizerOptions(isTrusted: boolean | MarkdownStringTrustedOptions,
 				}
 			},
 			uponSanitizeElement: (element, e) => {
+				let wantsReplaceWithPlaintext = false;
 				if (e.tagName === 'input') {
 					if (element.attributes.getNamedItem('type')?.value === 'checkbox') {
 						element.setAttribute('disabled', '');
-					} else if (!options.replaceWithPlaintext) {
+					} else if (options.replaceWithPlaintext) {
+						wantsReplaceWithPlaintext = true;
+					} else {
 						element.remove();
+						return;
 					}
 				}
 
-				if (options.replaceWithPlaintext && !e.allowedTags[e.tagName] && e.tagName !== 'body') {
+				if (options.replaceWithPlaintext && (wantsReplaceWithPlaintext || (!e.allowedTags[e.tagName] && e.tagName !== 'body'))) {
 					if (element.parentElement) {
 						let startTagText: string;
 						let endTagText: string | undefined;
diff --git a/src/vs/base/test/browser/markdownRenderer.test.ts b/src/vs/base/test/browser/markdownRenderer.test.ts
@@ -346,6 +346,17 @@ suite('MarkdownRenderer', () => {
 			const result = store.add(renderMarkdown(mds)).element;
 			assert.strictEqual(result.innerHTML, `<img src="vscode-file://vscode-app/images/cat.gif">`);
 		});
+
+		test('Should only allow checkbox inputs', () => {
+			const mds = new MarkdownString(
+				'text: <input type="text">\ncheckbox:<input type="checkbox">',
+				{ supportHtml: true });
+
+			const result = store.add(renderMarkdown(mds)).element;
+
+			// Inputs should always be disabled too
+			assert.strictEqual(result.innerHTML, `<p>text: \ncheckbox:<input type="checkbox" disabled=""></p>`);
+		});
 	});
 
 	suite('fillInIncompleteTokens', () => {
diff --git a/src/vs/workbench/contrib/chat/test/browser/__snapshots__/ChatMarkdownRenderer_self-closing_elements.1.snap b/src/vs/workbench/contrib/chat/test/browser/__snapshots__/ChatMarkdownRenderer_self-closing_elements.1.snap
@@ -0,0 +1 @@
+<div class="rendered-markdown"><p>&lt;area&gt;</p><hr><br><input type="checkbox" disabled=""><p></p></div>
diff --git a/src/vs/workbench/contrib/chat/test/browser/chatMarkdownRenderer.test.ts b/src/vs/workbench/contrib/chat/test/browser/chatMarkdownRenderer.test.ts
@@ -79,10 +79,18 @@ suite('ChatMarkdownRenderer', () => {
 	});
 
 	test('self-closing elements', async () => {
-		const md = new MarkdownString('<area><hr><br><input type="text" value="test">');
-		md.supportHtml = true;
-		const result = store.add(testRenderer.render(md));
-		await assertSnapshot(result.element.outerHTML);
+		{
+			const md = new MarkdownString('<area><hr><br><input type="text" value="test">');
+			md.supportHtml = true;
+			const result = store.add(testRenderer.render(md));
+			await assertSnapshot(result.element.outerHTML);
+		}
+		{
+			const md = new MarkdownString('<area><hr><br><input type="checkbox">');
+			md.supportHtml = true;
+			const result = store.add(testRenderer.render(md));
+			await assertSnapshot(result.element.outerHTML);
+		}
 	});
 
 	test('html comments', async () => {

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+<div class="rendered-markdown"><p><area></p><hr><br><input type="checkbox" disabled=""><p></p></div>`