Merge pull request #751 from metamaps/feature/markdown-xss-safe

enable xss filtering and smart quote replacement in markdown
This commit is contained in:
Devin Howard 2016-10-09 10:23:00 +08:00 committed by GitHub
commit 56d3ef8bea

View file

@ -123,7 +123,9 @@ const Util = {
return (url.match(/^https?:\/\/(?:www\.)?youtube.com\/watch\?(?=[^?]*v=\w+)(?:[^\s?]+)?$/) != null) return (url.match(/^https?:\/\/(?:www\.)?youtube.com\/watch\?(?=[^?]*v=\w+)(?:[^\s?]+)?$/) != null)
}, },
mdToHTML: text => { mdToHTML: text => {
return new HtmlRenderer().render(new Parser().parse(text)) // use safe: true to filter xss
return new HtmlRenderer({ safe: true, smart: true })
.render(new Parser().parse(text))
} }
} }