Merge pull request #751 from metamaps/feature/markdown-xss-safe
enable xss filtering and smart quote replacement in markdown
This commit is contained in:
Devin Howard
GitHub
commit
56d3ef8bea
1 changed files with 3 additions and 1 deletions
|
|
@ -123,7 +123,9 @@ const Util = {
|
||||||
return (url.match(/^https?:\/\/(?:www\.)?youtube.com\/watch\?(?=[^?]*v=\w+)(?:[^\s?]+)?$/) != null)
|
return (url.match(/^https?:\/\/(?:www\.)?youtube.com\/watch\?(?=[^?]*v=\w+)(?:[^\s?]+)?$/) != null)
|
||||||
},
|
},
|
||||||
mdToHTML: text => {
|
mdToHTML: text => {
|
||||||
return new HtmlRenderer().render(new Parser().parse(text))
|
// use safe: true to filter xss
|
||||||
|
return new HtmlRenderer({ safe: true, smart: true })
|
||||||
|
.render(new Parser().parse(text))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue