Skip to content

Add sanitize_html(html) function #2001

Description

@harehare

to_html only converts the Markdown AST to HTML; there is no way to safely render arbitrary/user-generated HTML content with XSS protection (allowlist-based sanitization). This would pair naturally with the existing http-import/--allow-net security-conscious design of the project.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Projects

    Status
    Backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions