From 5a30e73e330d9b1c5e963cd77f4b4407ea542f2d Mon Sep 17 00:00:00 2001
From: Ludovico7
Date: Fri, 29 Nov 2024 01:39:51 +0900
Subject: [PATCH 1/2] =?UTF-8?q?fix:=20=EB=A7=88=ED=81=AC=EB=8B=A4=EC=9A=B4?= =?UTF-8?q?=20=ED=83=90=EC=A7=80=20=EB=A1=9C=EC=A7=81=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 client/src/features/editor/hooks/useMarkdownGrammer.ts | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/client/src/features/editor/hooks/useMarkdownGrammer.ts b/client/src/features/editor/hooks/useMarkdownGrammer.ts
index e6fb2eac..a3f5e714 100644
--- a/client/src/features/editor/hooks/useMarkdownGrammer.ts
+++ b/client/src/features/editor/hooks/useMarkdownGrammer.ts
@@ -395,8 +395,13 @@ export const useMarkdownGrammer = ({
 const selection = window.getSelection();
 if (!selection) return;
 const currentContent = currentBlock.crdt.read();
+ const currentCaret = getAbsoluteCaretPosition(e.currentTarget);
 const markdownElement = checkMarkdownPattern(currentContent);
- if (markdownElement && currentBlock.type === "p") {
+ if (
+ markdownElement &&
+ currentCaret === markdownElement.length &&
+ currentBlock.type === "p"
+ ) {
 e.preventDefault();
 // 마크다운 패턴 매칭 시 타입 변경하고 내용 비우기
 currentBlock.type = markdownElement.type;
From 862eabe130c1388885e9d663f094085bd930ad78 Mon Sep 17 00:00:00 2001
From: Ludovico7
Date: Fri, 29 Nov 2024 01:48:29 +0900
Subject: [PATCH 2/2] =?UTF-8?q?fix:=20XSS=20=EB=B0=A9=EC=A7=80=20=EC=BD=94?= =?UTF-8?q?=EB=93=9C=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 client/src/features/editor/utils/domSyncUtils.ts | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/client/src/features/editor/utils/domSyncUtils.ts b/client/src/features/editor/utils/domSyncUtils.ts
index 53a4a4b9..fb5f4f5a 100644
--- a/client/src/features/editor/utils/domSyncUtils.ts
+++ b/client/src/features/editor/utils/domSyncUtils.ts @@ -139,7 +139,11 @@ const setsEqual = (a: Set, b: Set): boolean => { }; const sanitizeText = (text: string): string => { - return text.replace(/
/g, "\u00A0"); + return text + .replace(/
/g, "\u00A0") + .replace(//g, ">") + .replace(/&/g, "&"); }; // 배열 비교 헬퍼 함수
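Review bot: The `&` replacement is the last call in the new `sanitizeText` chain, so it runs over whatever the angle-bracket replacements before it have already produced. The replacement strings are not legible in this rendering of the patch (they appear entity-decoded), but if those calls emit `&lt;` and `&gt;`, as the XSS-fix subject suggests, the final pass turns them into `&amp;lt;` / `&amp;gt;` and users will see literal entity text instead of `<` and `>`. Escape the ampersand first by moving `.replace(/&/g, "&amp;")` ahead of the `<` and `>` calls. The chain also leaves `"` and `'` unescaped, which is adequate only when the result lands in element content and never in an attribute value; the sink is outside this hunk, so that should be confirmed, and assigning through `textContent` where possible would remove the need for hand-written escaping.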