# enhancement request - sanitize <script> tags in MathJax #128

Closed
opened this Issue May 30, 2014 · 1 comment

Projects
None yet
2 participants
Contributor

### trevor commented May 30, 2014

 Sorry if I'm missing the obvious way to do this: I'd like to sanitize input between the MathJax markers such that script tags are not allowed. This seems relatively straightforward elsewhere in user-submitted kramdown content, but the MathJax tags appear to allow injection. For instance:   is rendered as:  %]]> Which causes the second alert b to appear.
Owner

### gettalong commented Jun 2, 2014

 Thanks for reporting this bug! This will be fixed in the next release.